====== Linux Command Line ======

This event runs monthly on the **1st Monday** of the month from 6pm in [[https://www.thegamerclub.co.uk/gettinghere|The Gamer Club]].  Check the [[start|home page]] for the next date (or take a look at our [[https://www.meetup.com/open-source-glasgow/events/|meetup events page]]).


**Quick start: [[http://overthewire.org/wargames/bandit/|Go to -> OverTheWire's Wargame: Bandit]]**
 

We run regular monthly events aimed at teaching beginners how to use the Linux command line.  We generally run these on the third Tuesday of the month as part of the [[Practical Linux Tutorial]].

We use [[http://overthewire.org/wargames/bandit/|OverTheWire's Wargame Bandit]] as it provides us with a server to log into and starts off with the basics.  We'll explain how to connect to it with [[https://www.chiark.greenend.org.uk/~sgtatham/putty/|PuTTY]] or your operating system's built in [[wp>ssh]] client.

Not a beginner?  Join us and try the more advanced war games hosted by [[https://www.2600glasgow.com|2600 Glasgow]].  Race ahead and try your hand at the more difficult games/levels and work with others to learn how to beat them, or help us teach newcomers some of the more advanced topics.

The event is free, but there will be a donation tin to cover the meetup costs if you'd like to help out.

===== Tips =====
Level bandit11: ''alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'"''

===== Passwords =====
3QJ3TgzHDq
NsN1HwFoyN

These are here in case you lose your place, or want to resume from where you left off.
<code>
Level 0: bandit0
Level 1: ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If
Level 2: 263JGJPfgU6LtdEvgfWU1XP5yac29mFx
Level 3: MNk8KNH3Usiio41PRUEoDFPqfxLPlSmx
Level 4: 2WmrDFRmJIq3IPxneAaMGhap0pFhF3NJ
Level 5: 4oQYVPkxZOOEOO5pTW81FB8j8lxXGUQw
Level 6: HWasnPhtq9AVKe0dmk45nxy20cvUa6EG
Level 7: morbNTDkSW6jIlUc0ymOdMaLnOlFVAaj
Level 8: dfwvzFQi4mU0wfNbFOe9RoWskMLg7eEc
Level 9: 4CKMh1JI91bUIZZPXDqGanal4xvAg0JM
Level 10: FGUW5ilLVJrxX9kMYMmlN4MgbpfMiqey
Level 11: dtR173fZKb0RRsDFSGsg2RWnpNVj3qRr
Level 12: 7x16WNeHIi5YkIhWsfFIqoognUTyj9Q4
Level 13: FO5dwFsc0cbaIiH0h8J2eUks2vdTDwAn
Level 14: 

Level 14
is accesed from 13

Level 15

8xCjnmgoKbGLhHFAZlGE5Tmu4M2tKJQo


Level 16

kSkvUpMQ7lBYyCM4GBPvCvT1BfWRy0Dx

Level 17

bandit16@bandit:~$ nmap localhost -p 31000-32000
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-08-18 00:27 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00011s latency).
Not shown: 996 closed tcp ports (conn-refused)
PORT      STATE SERVICE
31046/tcp open  unknown
31518/tcp open  unknown
31691/tcp open  unknown
31790/tcp open  unknown
31960/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds
bandit16@bandit:~$

here is the 5 possabels I will try each

31046  not it
31518  keyupdate
31691  not it
31790  it
31960  not it


the pass to current
bandit16@bandit:~$ cat /etc/bandit_pass/bandit16
kSkvUpMQ7lBYyCM4GBPvCvT1BfWRy0Dx
bandit16@bandit:~$


after openssl s_client -connect localhost:31790 and feeding it the pass from 17 I got a ssh private key to get 18


Level 18

bandit17@bandit:~$ ls -a
.  ..  .bandit16.password  .bash_logout  .bashrc  passwords.new  passwords.old  .profile  .ssh
bandit17@bandit:~$ diff passwords.new passwords.old
42c42
< x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO
---
> CgmS55GVlEKTgx8xpW8HuWnHlBKP924b
bandit17@bandit:~$


x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO

Level 19

arron@arron-laptop:~/Documents/overTheWire/Bandit$ ssh bandit.labs.overthewire.org -p 2220 -l bandit18 cat readme
                         _                     _ _ _
                        | |__   __ _ _ __   __| (_) |_
                        | '_ \ / _` | '_ \ / _` | | __|
                        | |_) | (_| | | | | (_| | | |_
                        |_.__/ \__,_|_| |_|\__,_|_|\__|


                      This is an OverTheWire game server.
            More information on http://www.overthewire.org/wargames

backend: gibson-1
bandit18@bandit.labs.overthewire.org's password:
cGWpMaKXVwDUNgPAVJbWYuGHVn9zl3j8

cGWpMaKXVwDUNgPAVJbWYuGHVn9zl3j8

Level 20

bandit19@bandit:~$ ls
bandit20-do
bandit19@bandit:~$ ./bandit20-do
Run a command as another user.
  Example: ./bandit20-do id
bandit19@bandit:~$ ./bandit20-do id
uid=11019(bandit19) gid=11019(bandit19) euid=11020(bandit20) groups=11019(bandit19)
bandit19@bandit:~$ ./bandit20-do ks
env: ‘ks’: Permission denied
bandit19@bandit:~$ ./bandit20-do ls
bandit20-do
bandit19@bandit:~$ ./bandit20-do pwd
/home/bandit19
bandit19@bandit:~$ ./bandit20-do whoami
bandit20
bandit19@bandit:~$ ./bandit20-do  cat /ect/bandit/bandit20
cat: /ect/bandit/bandit20: No such file or directory
bandit19@bandit:~$ cat /etc/bandit_pass/bandit20
cat: /etc/bandit_pass/bandit20: Permission denied
bandit19@bandit:~$ cat /etc/bandit_pass/bandit19
cGWpMaKXVwDUNgPAVJbWYuGHVn9zl3j8
bandit19@bandit:~$ ./bandit20-do /etc/bandit_pass/bandit20
env: ‘/etc/bandit_pass/bandit20’: Permission denied
bandit19@bandit:~$ ./bandit20-do cat /etc/bandit_pass/bandit20
0qXahG8ZjOVMN9Ghs7iOWsCfZyXOUbYO


0qXahG8ZjOVMN9Ghs7iOWsCfZyXOUbYO


Level 21

bandit20@bandit:~$ nc -l localhost 1024
0qXahG8ZjOVMN9Ghs7iOWsCfZyXOUbYO
EeoULMCra2q0dSkYj561DX7s1CpBuOBt
bandit20@bandit:~$ 

bandit20@bandit:~$ ./suconnect 1024
Read: 0qXahG8ZjOVMN9Ghs7iOWsCfZyXOUbYO
Password matches, sending next password
bandit20@bandit:~$

EeoULMCra2q0dSkYj561DX7s1CpBuOBt


Level 22

#!/bin/bash

cat /etc/bandit_pass/bandit24 > /tmp/tmp.XVNmYMdvDE/banpass24.txt


gb8KRRCsshuZXI0tUuR6ypOFjiZbf3G8


old:
Level 6: DXjZPULLxYr17uwoI01bNLQbtFemEgo7
Level 7: HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
Level 8: cvX2JJa4CFALtqS87jk27qwqGhBM9plV
Level 9: UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
Level 10: IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
Level 11: 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
Level 12: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
Level 13: ssh bandit14@localhost -i sshkey.private
Level 14: BfMYroe26WYalil77FoDi9qh59eK5xNr
Level 15: cluFn7wTiGryunymYOu4RcffSxQluehd
Level 16: private key in 16-17 post. Stored in /tmp/zd16/pk.private
Level 17: w0Yfolrc5bwjS4qw5mq1nnQi6mF03bii
Level 18: IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
Level 19: GbKksEFF4yrVs6il55v6gwY5aVje5f0j
Level 20: gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr
Level 21: Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI
Level 22: jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n
Level 23: UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
Level 24: uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG
Level 25: 5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z
Level 26: 0ef186ac70e04ea33b4c1853d2526fa2 
Level 27: 3ba3118a22e93127a4ed485be72ef5ea
Level 28: bbc96594b4e001778eee9975372716b2
Level 29: 5b90576bedb2cc04c86a9e924ce42faf
Level 30: 47e603bb428404d265f59c42920d81e5
Level 31: 56a9bf19c63d650ce78e6ec0354ee45e
Level 32: c9c3199ddf4121b10cf581a98d51caee
</code>

===== Links =====
  * [[https://missing.csail.mit.edu/2020/shell-tools/|Missing Semester: Shell Tools and Scripting]]
  * [[https://linuxcommandlibrary.com/basic/oneliners.html|Interesting Linux One-Liners]]
  * [[Bash Scripts]]
  * https://home.adelphi.edu/~ni21347/cybersecgames/OverTheWire/Bandit/index.html
  * [[https://mayadevbe.me/posts/overthewire/bandit/level12/|Bandit Wargame Walkthroughs]]