Level Goal
The password for bandit7 is stored in a file somewhere on the server that meets all of these criteria:
- Owned by user
bandit7 - Owned by group
bandit6 - Exactly 33 bytes in size
Step-by-Step Solution
1. Exit Level 5 and SSH into Level 6
After retrieving the Level 6 password from maybehere07/.file2, exit your current SSH session:
exit
Then connect as bandit6 using the password obtained in Level 5:
ssh bandit6@bandit.labs.overthewire.org -p 22202. Verify No Files Are Visible Initially
Once logged in as bandit6, run:
lsNo files appear in the home directory.
3. Understand the File Selection Criteria
The level instructions state that the password file is:
- Owned by user
bandit7 - Owned by group
bandit6 - Exactly 33 bytes in size
4. Use find to Locate the File
To search the entire filesystem for a file matching those attributes, use:
find -user bandit7 -group bandit6 -size 33c
This command will print paths of any files owned by bandit7, in group bandit6, and exactly 33 bytes in size. While there may be many "Permission Denied" files, one matching file appears as:
/var/lib/dpkg/info/bandit7.password5. Read the Password File
Display its contents to obtain the password for bandit7:
cat /var/lib/dpkg/info/bandit7.password
The output is the password for bandit7.
Summary & Key Commands
exit: return to your local machine from Level 5.ssh bandit6@bandit.labs.overthewire.org -p 2220: connect asbandit6.ls: confirm no files in home directory.find -user bandit7 -group bandit6 -size 33c: locate the 33-byte file owned bybandit7and groupbandit6.cat /var/lib/dpkg/info/bandit7.password: display the file; retrieve thebandit7password.