Episode: 2138
Title: HPR2138: Hack the Box with Bandit
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr2138/hpr2138.mp3
Transcribed: 2025-10-18 14:48:24

---

This is HPR episode 2,138 entitled Hackmabox with Bandit.
It is hosted by Enable and is about 15 minutes long.
The summary is Enable talks about a Linux war game called Bandit.
This episode of HPR is brought to you by an honesthost.com.
Get 15% discount on all shared hosting with the offer code HPR15.
That's HPR15.
Better web hosting that's honest and fair at An Honesthost.com.
Hello, this is Anglai Bill and I thought I'd do an HPR today about something I've been
really having fun with the last week.
It's a, well they call it a war game, but these people put together a system that you
can SSH into and hack on the box.
So it's not often, well I haven't found it before, but you know, you have permission
just to go in there and you know, do whatever you want.
Of course they have things locked down, but I'll get into that in a bit.
Anyways, last weekend at our lug, Ramsey, I'd like to thank him for pointing this out
to me because I've been doing it all week, like after work just obsessed with this thing.
He told me about it, he gave me the URL and I was busy trying to root in old droid while
I was at the lug.
The lug's only like two hours long and then after that I was populating a circuit board
with resistors and so I had like 15 minutes left at the end of the lug and I looked at
this URL that Ramsey gave me at the beginning of the lug, I wish I looked at it earlier.
It is over thewire.org and the war game that he knew about and that I've been playing
is called Bandit.
Now I see if you click on War Games, it shows other things like Natus, Lavatin, I don't
know how to pronounce some of these, Krypton, Krypton, Mays, I'm hoping these are the same
type of thing because I've really been enjoying this Bandit thing.
Let me go back to Bandit, I'm looking at my screen as I talk.
So what this does is you SSH into it, it'll give you the first, it'll give you the SSH
address and it'll give you your nick and I think it gave me like an original password.
I can't remember because level zero was so long ago.
Yeah okay so level zero is the level goal, this is typical of each level, you'll have
a level goal and it's saying just SSH and use this username and use this password so each
level is going to teach you something so once you do that you'll get a key and that
key will be the password for the next level so like level one, the password for the next
level is stored in a file called slash located in the home directory.
So here they're telling you where the password is and what you need to do it, do to find
it.
Now each level will give you commands you may need to solve this level and this particular
one, this level one, they're listing out LSCD, Cat, File, DU and Find.
So if you're stuck on a level more than likely what you need to, the command you need is
going to be one of those suggested ones.
I'll tell you in a minute about one level where I thought this command you may need to
solve this level part or one command was lacking but I'll get to that in a minute.
So anyways it's 27 levels and each level gets progressively harder and each level is
teaching you something and you may need to reference things you learned in a previous
level.
So I mean I've been using Linux since, well I first found that Unix Lab in the late 90s
and all through 2000s I was playing around it and you know middle of 2000, like 20 years
I've been using Linux and I'm still learning commands by playing through this game because
you know as a desktop user and a laptop, I'm not really siss admitting anything.
Well I do have two servers but they're just my personal servers and they're serving up
webpages and GNU social and stuff like that, media goblin my pictures.
But there's some commands I never had to run.
So at the end of the log when I had like that 5, 10 minutes, 15 minutes I started playing
this and you know like I just flew through like up to level 5.
You know I know that, I know that, get the key, get the key, I think it was level 5.
Yeah, level 6 gave me some trouble.
So I'm flying through the levels and level 6, I've just never had to do this, I've never
had to search for a file by the group and the owner and then a specific size.
So that made me have to look up some commands that I never use.
So it's good to, if you're new to Linux or if you're seasoned to Linux try out this
game and I'm sure you're going to learn something along the way, I'll give you a few pointers
so you don't go down this road as well.
So like I said at the log, I got up to like level 5 or 6 and then end of the log comes,
it's time for the after meeting, let's go to the pub.
We actually talked about this game more, I was telling Asphere, you know check this out,
this is fun.
I get home and I open my laptop and I want to carry on where I left off.
Well when I shot my laptop it went to sleep and the key for the next level was in the
clipboard and of course it was gone though.
So I had no way to get into the like level 7 or level 6 wherever I was at.
So I had to start all the way over.
So here's a little hint, if you start playing this game, keep a local, I always just use
a nano but keep a local file and put every key in as you get it and save that file.
Also don't do like I do, I was putting him in nano and the file name was keys and you
know I'd list them out and I'd list them out and then last night I'm playing and I
did like three levels and I paced it in the key and then I just went to sleep and the
battery got so low that the computer went to sleep and it didn't save that nano file.
So every time you stick a key in to whatever text editor you use and make sure you save
it as well because you're going to be putting, there's, you're going to get to some levels
where you're going to want to save some other information and stuff.
So just organize your, oh also you know like I said earlier you'll be referencing things
you did previously, here's another trick, I got up to like level 8 and I realized I needed
to do something again like something and then something, I'm being very cryptic about
how I'm describing this because I don't want to give any spoilers because that wouldn't
be good.
I'd like you, if you want to try this out, you like enjoy it just like I did, find it fresh.
I'm not going to share any keys or any ways I did anything so, but anyways I got up
to like level 8 and I had all my keys stored in that text file and I realized I needed
to do something again that I did like in level 4 or 3 but I didn't remember what it was.
So next to the keys after 8 I wish I started from number 1 but after the keys I would
say just a little bit about you know what commands I used for that level, what else was
I going to say about this?
This might be a short episode because like I really can't go into detail about what
I did in each level, oh yeah this one, let me go up to 12 here, I'm just reading what
it was, yes, level 12, I feel like there was something lacking on this page if you get stuck
here as well, it says commands you need to solve this level, I feel like they didn't put
a key command in here and if you get really really stumped and you want to know what that
command is that I used, send me an email and I'll tell you just the command, I won't
tell you how to solve this level but it'll just, I mean I was stumped for a couple nights,
not full nights but I just do this after work before supper but yeah I feel like they
should have mentioned one more command here, I'm looking through my notes again, oh yeah,
my notes mentioned here, there is a way, it says it shows it on the over the wire webpage,
we child scoring, I don't know how to pronounce that and I didn't look into it but there is a way
somehow you can sign up to a webpage and you can get ranked somehow, every time you solve a level
you submit, I guess it submits how you finish the level and how quick you did it or something
and if you're interested in being ranked up with any of the other geeks that are playing this,
you can look into that as well, oh yeah here in my notes again, level 13, don't overthink this level,
I read what it wanted me to do and because I'm progressing and everything's getting progressively
harder, I thought on this one, oh boy they want me to really hack the box, so I wasn't even
SSH'd in and I'm starting to like run end map on their server and I'm starting to like wonder if
I have to look for ports that are open, don't overthink 13, that's that's maybe that was just me
but I lost a knight or two and it was just I was off on the wrong track, anyways I know this is
a really short episode but the fun you're gonna have from what I'm telling you here is if you
actually start playing this game and I mean I've been I've been at this for a week and well exactly
a week now and I am currently stumped on level 24 but when you get stumped because I've been stumped
in some of these other levels just sleep on it well sleep on it yeah hey through do you remember when
I came into status net at 3 a.m. in the morning and you said what the heck are you doing up
and I said I was sleeping but then I realized something to solve a problem and I had to get up and do
it it was this damn game that did that yes I woke up at 3 30 in the morning because one of these
levels I realized what I was doing wrong in the command that I was putting in and I went downstairs
open the laptop did the command properly it worked and then of course I couldn't fall back
asleep so be warned if you start playing this game you might lose sleep so here I am level 24
there's only a couple of levels left they're getting quite hard now and if you get stumped on a
level just more like I just said sleep on it or wait till the next day or come back fresh and
sometimes you just have different ideas of how to attack the I mean Linux there's 15 different
ways to do everything so you'll find a way through it and I'll find a way through 24 and
let's see how it gets harder from there 25 26 there's 27 levels so I'm hoping that once I finish
this these other war games are similar to this oh another thing I know I'm just kind of jumping
around a bit I'm just this is off the cuff and didn't I don't really yeah they mentioned specifically
don't give spoilers and don't you know tell your friends how you solve the levels and stuff
when I find a new command that I need to look at I'll first you know pull up the man page for it
but I find man pages can be kind of stuffy and just I rather see examples so the next thing I'll do
is go into Google I'll put the you know what was that one TR I had never used the TR command
so I'll put in TR Linux examples and I find it much easier to kind of get what the command does
by just seeing some examples run while I was doing that I sometimes whole YouTube videos would pop
up and it would be you know bandit 11 how to solve it you too about I didn't watch them but I
mean I don't know why some people says right there don't share your answers to keep the game fun
but somebody I don't know I'm so neat I have to show you how I got past level 18 or something but
if you do look hard enough you will find like complete how-tos on how to solve the level
I imagine I mean if you get up to like level 14 or something and you're just so stumped that
you're gonna quit the game I mean I imagine as a last resort just find like a solution and read
through it and then maybe you'll just you'll you'll have a learning experience there for that level
and then carry on I did that a bit with what was the one let me look up oh I know Rick I can look
in my that nano thing keys because I wrote down read up on this more after level 21 no level 20
yes level 20 going to level 21 I had never used the NC I've never used netcat
so I just had no idea what to do with it so I did go to someone's solution and I just slowly
just starting reading line by line and I think you know by a time I got to the sixth line I had
enough information just to point me in the right direction and go learn on my own but I didn't
read the full solution so if you get really stumped I'm sure it can be really frustrating so if you're
up to that point just try and figure out what that level means and then carry on okay that's
about all I have to say about it uh I hope you try it out I hope you have fun with it if anybody
wants to chit chat about it or like I said earlier that level at level 12 that seemed to be missing
command we can talk my email is ny bill at gunmonkinet.net and I'm always on GNU social and I'm in the
RC I'll cast plan it usually GNU social ny bill as well at gunmonkinet.net SN.commonkinet.net
I forget I haven't typed it in a long time okay try the game out I hope you have fun with it
I'll talk to you later
you've been listening to hecka public radio at hecka public radio dot org we are a community podcast
network that releases shows every weekday Monday through Friday today's show like all our shows
was contributed by an HPR listener like yourself if you ever thought of recording a podcast
then click on our contributing to find out how easy it really is hecka public radio was found
by the digital dog pound and the infonomicon computer club and it's part of the binary revolution
at binrev.com if you have comments on today's show please email the host directly leave a comment
on the website or record a follow up episode yourself unless otherwise stated today's show is
released under creative comments attribution share a like 3.0 license