Level 13 → 14
Last updated
Was this helpful?
Last updated
Was this helpful?
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on
List the content of the current directory:
Display the content of the sshkey.private file:
This reveals sshkey.private contains an RSA private key.
Use the private key to SSH into bandit14 on localhost:
-i sshkey.private: Specifies the private key file to use for authentication
-p 2220: Specifies the port for the OverTheWire game server
bandit14@localhost: Connects to user bandit14 on the same machine
Note: Are you sure you want to continue connecting (yes/no/[fingerprint])? Yes
bandit14 accessed.
Once logged in as bandit14, access the password file:
The retrieved password: MU4VWeTyJk8ROof1qqmcBPaLh7lDCPvS
Log out of the bandit14 session to return to bandit13:
Access the next level:
Enter the password when prompted.
SSH keys can be used as an alternative to password authentication
Different user accounts can have varying levels of access to files on a system
Private keys should be kept secure and protected, as they grant access without a password
-- Othmane
