{"id":16882613,"url":"https://github.com/valaydave/wargames","last_synced_at":"2026-05-11T09:25:19.188Z","repository":{"id":93795342,"uuid":"204980303","full_name":"valayDave/wargames","owner":"valayDave","description":"Bandit Wargame Solutions","archived":false,"fork":false,"pushed_at":"2019-08-30T03:25:56.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-11T20:37:03.991Z","etag":null,"topics":["bandit","wargame"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/valayDave.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-28T16:51:40.000Z","updated_at":"2019-11-09T11:07:52.000Z","dependencies_parsed_at":"2023-06-15T02:30:18.828Z","dependency_job_id":null,"html_url":"https://github.com/valayDave/wargames","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valayDave%2Fwargames","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valayDave%2Fwargames/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valayDave%2Fwargames/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valayDave%2Fwargames/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/valayDave","download_url":"https://codeload.github.com/valayDave/wargames/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244554135,"owners_count":20471173,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bandit","wargame"],"created_at":"2024-10-13T16:07:56.665Z","updated_at":"2026-05-11T09:25:19.145Z","avatar_url":"https://github.com/valayDave.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WAR GAMES Results. \n\n## BANDIT \n\n### Level 0 \n- Basic SSH command to reach and complete level. Read the readme file using. \n\n### Level 1\n- used the ```./``` convention to ```cat``` the filename. \n\n### Level 2 \n- used ```cat spaces\\ in\\ this\\ filename ``` to open file for password. \n\n### Level 3 \n\n- Steps : \n    - ```cd hidden```\n    - ```ls -lah```\n    - ```cat .hidden```\n\n### Level 4 \n\n- ```cd inhere \u0026\u0026 strings ./*``\n\n### Level 5\n\n- TO find the file : ```find ./ -type f -size 1033c -exec ls {} \\;```\n\n### Level 6 \n\n- To find the file : ```find / -type f -size 33c -group bandit6 -user bandit7 -exec ls -lh {} \\;```\n\n### Level 7 \n\n- ```cat data.txt | grep millionth```\n\n### Level 8 \n\n- ```cat data.txt | uniq | sort -d | uniq -c```\n\n### Level 9\n\n- ```strings data.txt | grep =*``` \n\n### Level 10 \n\n- ```cat data.txt | base64 --decode```\n\n### Level 11\n\n- ```cat data.txt | tr '[a-z]' '[n-za-m]' | tr '[A-Z]' '[N-ZA-M]' ```\n\n### Level 12 \n\n- password : 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu\n- ```xxd -r data.txt | zcat | bzcat | zcat | tar xO | tar xO | bzcat | tar xO | zcat```\n- bzcat : Used to decompress to standard output for bzip2 type files. \n- zcat: Used to uncompress information. \n### Level 13 \n\n- password : 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL\n- Copy private key to localmachine \n- create key file and chmod it \n- ssh using that key. \n\n### Level 14. \n\n- password : 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e\n- copy 14 password : ```cat /etc/bandit_pass/bandit14```\n- post it on : ```telnet localhost 30000```\n\n### Level 15 \n\n- Password : BfMYroe26WYalil77FoDi9qh59eK5xNr\n- ```openssl s_client -connect localhost:30001```\n\n### Level 16 \n\n- Password : cluFn7wTiGryunymYOu4RcffSxQluehd\n\n### Level 17\n\n- diff command btw old and new \n\n### Level 18\n\n- Password : kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd\n- run commands through ssh. \n\n### Level 19 \n\n- Password : IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x\n- ```./bandit20-do cat /etc/bandit_pass/bandit20```\n\n### Level 20 \n\n- Password : GbKksEFF4yrVs6il55v6gwY5aVje5f0j\n- ```netcat -vvl 127.0.0.1 -p 1111``` to send messages to the binary which connects on port 1111. \n\n### Level 21 \n\n- Password : gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr\n- Check cron file which leads to the sh file and then get the password from there. \n\n### Level 22 \n\n- Password : Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI\n- Cron file was putting the password in the tmp folder. For each user it was creating a copy in the tmp folder but in md5 format. So modifying the line in cronfile led to the file which held the password. \n\n### Level 23 \n\n- Password : jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n\n- Create a shell script inside a folder in the the tmp folder and also a text file inside the same folder. ```chmod 777``` both the files. \n- the shell script should cat the password in the bandit_pass folder for user bandit24 into a text file in the tmp directory\n- cp the shell script from current tmp folder to ```/var/spool/bandit24``` to make a copy of the script that will execute with the cron job. \n- The password is available in the text file in the tmp folder. \n\n### Level 24 : \n\n- Password : UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ\n\n- Using Brute force with netcat to add check for the password. \n\n- ```for i in {0000..9999}; do     echo \"UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i\"; done | nc localhost 30002 \u003e /tmp/valay/bandit25.txt```\n\n### Level 25 : \n\n- Password : `uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG`: Private Key given on lvl 25 for level 26. \n- Script to get password : \n```sh\nfor i in {0000..9999}; \ndo     \n    echo \"UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i\"; \ndone | nc localhost 30002 \u003e /tmp/valay/bandit25.txt\n\n```\n\n### Level 26 :\n\n- Password : ```5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z```\n- The ssh is modified to launch the ```more``` command and then exit. So resizing the window works for the more command. Once the window is small enough a size the more command works and the shell session doesnt exist. The more can convert to vi by pressing ```v``` in the more interface. \n- Using the ```:e /etc/bandit_pass/bandit26``` in the more interface gets us the password file for 26. \n- On top of that vi can offer an access to the shell from there. issue the command : ```:set shell=/bin/bash``` to the vi. Once set calling ```:shell``` to vi will open the shell for the user. \n\n### Level 27 \n\n- Password : ```3ba3118a22e93127a4ed485be72ef5ea``` \n- Git clone of repository gave the output. \n\n### Level 28 \n\n- Password : ```0ef186ac70e04ea33b4c1853d2526fa2```\n- Password stored in the git history of the repository. \n\n### Level 29 \n\n- Password : ```bbc96594b4e001778eee9975372716b2```\n- Password was present on a ref which held ```packed-refs``` which contain the different banch references from origin. One of the branches contained the password readme. \n\n### Level 30 \n\n- Password : ```5b90576bedb2cc04c86a9e924ce42faf```\n- One of the refs in the ```packed-refs``` contained a ref which gave the secret via ```git show f17132340e8ee6c159e0a4a6bc6f80e1da3b1aea``` \n\n\n### Level 31\n\n- Password : ```47e603bb428404d265f59c42920d81e5```\n- Required to override a file extension present in ```.gitignore``` for txt files. Required to create, commit and send a text file to origin which contained a message. \n\n### Level 32\n\n- Password : ```56a9bf19c63d650ce78e6ec0354ee45e```\n- using ```$0``` one can return back to original bash\n- and then find the password in banditpass. \n\n### Level 33\n\n- Password : ```c9c3199ddf4121b10cf581a98d51caee```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvalaydave%2Fwargames","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvalaydave%2Fwargames","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvalaydave%2Fwargames/lists"}