Bandit Level 5 -> Level 6
- Platform: OverTheWire
- Wargame: Bandit
- Date: 2025-12-13 00:28
Overview
Bandit Level 5: The password for Level 6 is stored in a file named .file2 in the ~/inhere/maybehere07 directory.
The inhere directory contains 20 folders, and inside each folder are a list of files.
The goal is to identify the file with these attributes:
human-readable
1033 bytes in size
not executable
Connection:
Host: bandit.labs.overthewire.org
Port: 2220
User: bandit5
Password: (use the password from Level 4's -file07 file)
Steps
1. SSH into the server as bandit5
local
$
ssh bandit5@bandit.labs.overthewire.org -p 2220(enter the password you found in Level 4 when prompted)
2. Identify the text file in ~/inhere
bandit5@bandit
bandit5@bandit:~$
find inhere -type f ! -executable -size 1033c -exec file {} \; | grep textinhere/maybehere07/.file2: ASCII text, with very long lines (1000)
This confirms that .file2 is the wanted file.
3. Read the contents of .file2
Because the filename starts with ., one might need to use TAB completion:
bandit5@bandit
bandit5@bandit:~$
cat inhere/maybehere07/.file2(password for bandit6)
Alternatively: find . -type f -size 1033c ! -executable simply ran can find the file too.
The output is the password for Bandit Level 6. Use it to continue with ssh bandit6@bandit.labs.overthewire.org -p 2220.
Summary
- The password is stored in a file named
.file2inside theinheredirectory, which has 20 directories. Identify the correct file and usecatto read its contents, taking care to handle the leading dash (.) in the filename. - Use
findtogether withfileto locate the text file among the all directories & files (e.g.,find inhere -type f ! -executable -size 1033c -exec file {} \;). - Optional: Use
grepto search/check if file is a text file.