This is part one of our OverTheWire Bandit spoiler-free series, covering the first ten levels. If you’re interested in cybersecurity but not sure how to start with Bandit, this is written especially for you, and it’s what I wish I had back when I first started out.
When I was working through these levels, I was frequently frustrated. Sometimes the level solution felt contrived and dependent on obscure options of commands that you’d never use again. Sometimes I wished the listed commands came with usage examples, to make for a nicer learning experience. I hope, by writing this little companion guide, I can help those who feel the same.
In this guide, I assume you’re familiar with the basics of using the terminal (navigating with cd, reading files with cat, etc.). If you’re not, I recommend reading through this guide by DigitalOcean to get started.
Is Bandit suitable for me?
Bandit contains 33 levels on the following topics:
- filesystems, such as finding files and dealing with hexdumps
- shell basics
- simple scripting
- networking (
- common command line utility programs (
If you could use a refresher on the above subjects, definitely attempt Bandit.
Otherwise, if you have lived in the terminal for years and are interested in OverTheWire wargames, I’d suggest you skip Bandit and instead pick:
- Natas, if you’re after web security challenges
- Leviathan, for a challenge more along the lines of Bandit, with general command line work and some reverse engineering
In the course of Bandit, you’ll be logging into their SSH server over thirty times. Instead of typing this every time (like I did years ago…):
ssh email@example.com -p 2220
With some extra config, you can shorten the command to:
And here’s the config for it:
Host bandit
    HostName bandit.labs.overthewire.org
    Port 2220
It’s usually stored in
Goal: log into
Hint: how to use SSH
ssh <username>@<ip address or hostname>
And if the SSH service isn’t listening on the conventional port 22, then you’d need to append
Level 0 → Level 1
Goal: read the readme file in the home directory.
Level 1 → Level 2
Goal: read the file named - in the home directory.
Hint: how to refer to files with special characters in the name
- represents the standard input. So if you run cat with - as its argument, cat will obediently listen for your input instead of opening the file. What you need is to specify the full path of the file. Just putting the file name in quotes is not enough.
If you’re curious about standard input (and output & error), see this article.
Level 2 → Level 3
Goal: read the file named “spaces in this filename”.
Hint: how to refer to files with spaces in the name
One easy way is to hit the tab key and have your autocompletion insert backslashes right before the spaces. Another way is to use double quotes around the whole filename.
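Both of these levels come down to how the shell and cat interpret a file name. The script below is an added example (not code from the original post or from OverTheWire): it creates a throwaway directory with two constructed files, one named - and one named "spaces in this filename", and shows which invocations read the file and which do not.

```shell
#!/bin/sh
# Added example (not from the original post): reading files whose names are a
# lone dash or contain spaces, inside a throwaway directory created here.
set -eu

workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT
cd "$workdir"

# Constructed sample files (contents are made up for this example).
printf 'contents of the file named dash\n' > ./-
printf 'contents of the spaced file\n' > 'spaces in this filename'

# A bare "-" tells cat to read standard input, so the file is never opened.
# (Even "cat -- -" still means stdin; only a path such as ./- names the file.)
read_dash_as_stdin() {
    printf 'this came from stdin\n' | cat -
}

# A path containing a slash cannot be mistaken for the stdin token.
read_dash_file() {
    cat ./-
}

# Alternatively let the shell open the file: after "<", "-" is just a name.
read_dash_redirect() {
    cat < -
}

# Unquoted, the shell splits "spaces in this filename" into four arguments,
# so cat would look for four different files.
count_args() {
    echo "$#"
}

# Quotes or backslashes keep the name together as one argument.
read_spaced_quoted() {
    cat "spaces in this filename"
}
read_spaced_escaped() {
    cat spaces\ in\ this\ filename
}

read_dash_as_stdin
read_dash_file
read_dash_redirect
count_args spaces in this filename
count_args "spaces in this filename"
read_spaced_quoted
read_spaced_escaped
```

The count_args helper is the quickest way to see why an unquoted name fails: it reports how many arguments actually reached the command, which is what cat sees too.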
Level 3 → Level 4
Goal: read the hidden file in the directory
Level 4 → Level 5
Goal: read the only human-readable file in the directory
The file command tells you the type of the file you specify, which is very useful when you’re dealing with unfamiliar files from unknown sources. Try file <some jpg> and file <some js file> to see what the outputs look like. For example, when examining a text file with file notes.txt, the output is ./notes.txt: ASCII text.
Hint (what am I looking for?)
You’re looking for the file that is actually ASCII text and not
Hint (is there a way to do it in one line?) (spoiler)
For reference, the . refers to the current directory, and the * (the wildcard) matches any sequence of characters in a file name. For example, rm * removes all files in the current directory (except hidden files, i.e. files that start with
Level 5 → Level 6
Goal: find a file within numerous directories that is:
- 1033 bytes in size
- not executable
Definitely look up all the options available via man ls and man du. Given that we’re provided with a very specific size (1033), it’d be easy to first list every file size and then search that output directly for the number.
Hint (du shows me wrong sizes)
Use -b with it. It shows the sizes in bytes instead.
Level 6 → Level 7
Goal: find the file somewhere on the server that is:
- owned by user
- owned by group
- 33 bytes in size
Whenever you need to find files that fulfill certain requirements such as ownership and permissions, find is a robust choice. I recommend you look up man find and learn about all its options.
Hint (how to find by group)
find -group <group>
Hint (how to find by user)
find -user <user>
Hint (where do I look for the file?)
You can start with
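Levels 5 and 6 are both find exercises, so here is one added example (my own, not code from the post or from OverTheWire) that builds a small constructed directory tree and queries it by exact size, executability and ownership. Ownership is checked against the current numeric user and group IDs, because creating files owned by someone else needs privileges; on the real server you would pass the user and group names from the level description to -user and -group instead. The wc -c variant stands in for the post’s du -b so that the sizes are in bytes on any system.

```shell
#!/bin/sh
# Added example (not from the original post): find files by exact size,
# executability and ownership in a constructed directory tree.
set -eu

root=$(mktemp -d)
trap 'rm -rf "$root"' EXIT
mkdir -p "$root/a/b" "$root/c"

# Helper: write a file of exactly $2 bytes to path $1 (constructed content).
make_file() {
    head -c "$2" /dev/zero | tr '\000' 'x' > "$1"
}

make_file "$root/a/one.txt" 1033       # the right size, not executable
make_file "$root/a/b/two.bin" 1033     # the right size, but executable
chmod u+x "$root/a/b/two.bin"
make_file "$root/c/three.txt" 33       # 33 bytes, owned by us
make_file "$root/c/noise.txt" 512

# Level 5 style: exact size in bytes ("c" suffix) and the owner execute bit
# (octal 100) not set.
find_size_not_exec() {
    find "$root" -type f -size "${1}c" ! -perm -100
}

# The post's "list every size, then search for the number" idea. wc -c prints
# "<bytes> <path>" per file; awk keeps the paths whose size equals $1.
sizes_matching() {
    find "$root" -type f -exec wc -c {} \; | awk -v n="$1" '$1 + 0 == n + 0 { print $2 }'
}

# Level 6 style: owner, group and size in one find invocation. Numeric IDs
# are used here (id -u / id -g); -user and -group accept names as well.
find_owned() {
    find "$root" -type f -user "$(id -u)" -group "$(id -g)" -size "${1}c"
}

find_size_not_exec 1033
sizes_matching 1033
find_owned 33
```

Note that sizes_matching 1033 lists both 1033-byte files, while find_size_not_exec 1033 drops the executable one: combining tests inside a single find call is what keeps the result list short.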
Level 7 → Level 8
Goal: find the line containing the word “millionth” (without the quotes of course) in the
If you’re not familiar with grep yet, this is the level for you to learn about it! Use grep whenever you need to find some text within some files.
For example, suppose you’ve just finished writing a feature in your web app and want to make sure that you didn’t leave any of the console.log lines in. You can simply run cat * | grep console. It concatenates all the files in the current directory and shows you every line that contains “console”.
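As an added example (not from the original post), the script below builds a constructed data.txt and three small JavaScript files, then runs grep the way this level needs it and the way the console.log check above works. It also shows the one thing cat * | grep hides: which file each hit came from, which grep reports itself when you pass it the files directly.

```shell
#!/bin/sh
# Added example (not from the original post): grep on constructed files, and
# why "grep pattern files..." often beats "cat * | grep pattern".
set -eu

workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT
cd "$workdir"

# Constructed data.txt: a few lines, one of which contains the word we want.
printf 'alpha 1\nmillionth abc123\nomega 2\n' > data.txt

# Constructed web-app files with stray console.log calls (sample content).
printf 'function a() {\n  console.log("debug");\n}\n' > app.js
printf 'const b = 1;\n' > util.js
printf 'console.log("todo");\nexport {};\n' > view.js

# Level 7 style: the whole line containing the word, prefixed by its line number.
find_word() {
    grep -n "$1" "$2"
}

# The post's approach restricted to the .js files: one stream, so you see how
# many matching lines exist but not which file they live in.
leftover_logs_piped() {
    cat ./*.js | grep -c console
}

# Passing the files to grep directly lets -l name every file with a hit.
leftover_logs_by_file() {
    grep -l console ./*.js
}

find_word millionth data.txt
leftover_logs_piped
leftover_logs_by_file
```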
Level 8 → Level 9
Goal: find the only unique line in the
If you’re not familiar with piping and redirecting, definitely read the linked article in the official level page. This concept is crucial for any kind of command line work. And for this level, I’d recommend you read up on uniq on the
Hint (how does sort work?)
sort takes in a file either through the argument or the standard input and rearranges all its lines in order. For example, in this file called file.txt we have
elixir
haskell
1
2
ruby
When we execute sort file.txt, it outputs
1
2
elixir
haskell
ruby
Hint (how does uniq work?)
uniq takes in a file and outputs unique lines, omitting duplicates. For example, in this file called birds we have
myna
myna
humming bird
humming bird
humming bird
dodo
When we execute uniq birds, it outputs
myna
humming bird
dodo
You will find the -c option very useful, as it reports the number of times a line has occurred. uniq -c birds outputs
2 myna
3 humming bird
1 dodo
With this knowledge, you’re ready to solve this level!
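The birds sample above happens to have every duplicate already next to its twin. The added example below (mine, not from the original post) uses a constructed file where the duplicates are scattered, which exposes the caveat that matters for this level: uniq only collapses adjacent identical lines, so it must be fed sorted input before its counts mean anything.

```shell
#!/bin/sh
# Added example (not from the original post): sort and uniq on a constructed
# file, showing that uniq only merges *adjacent* duplicates.
set -eu

birds=$(mktemp)
trap 'rm -f "$birds"' EXIT

# Constructed input: the repeats are NOT all adjacent, unlike the post's sample.
printf 'myna\ndodo\nmyna\nhumming bird\nhumming bird\ndodo\nkiwi\n' > "$birds"

# uniq alone: only consecutive repeats are merged, so "myna" and "dodo"
# still appear twice each (6 lines out of 7 survive).
lines_after_uniq() {
    uniq "$birds" | wc -l
}

# sort first so equal lines become neighbours; now uniq sees every duplicate.
lines_after_sort_uniq() {
    sort "$birds" | uniq | wc -l
}

# uniq -c prefixes each line with its count; awk strips the count column
# back off to compare the text and prints the count for the requested line.
count_of() {
    sort "$birds" | uniq -c \
        | awk -v want="$1" '{ n = $1; $1 = ""; sub(/^ /, ""); if ($0 == want) print n }'
}

lines_after_uniq
lines_after_sort_uniq
count_of 'humming bird'
count_of kiwi
```

Once the counts are correct, picking out the line you want is a matter of filtering on the count column, which is exactly the reasoning the level asks for.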
Level 9 → Level 10
Goal: find the password in one of the only human-readable lines in the data.txt file, preceded by several
When we examine the file with head data.txt, we can see that most of the file is binary data and not human-readable. Whenever you need to find human-readable strings in binary data, strings is your best friend. It’s very useful in reverse engineering, CTF games, and exploit development.
Hint (strings outputs too many lines!)
Use the -n option, which only outputs strings of at least the minimum length you specify. You can also try combining it with grep, since we know that the password is preceded by many
We’ll be covering levels 10 to 19 in the next article. Hope you’ve enjoyed Bandit so far!
If you like my approach to CTF guides, maybe you’d like my fun & interactive cybersec courses too :)