← Back to Home

OverTheWire Bandit: Level 14 → Level 15

Technical Note

Context

Programs on a computer communicate with the outside world or each other through Ports. In this level, a background program (service) is listening on port 30000, waiting for us to send it the current password. If we provide the correct password, it will reply with the new one.

For this task, we will use Netcat (nc), often called the “Swiss Army knife” of networking tools.

Goal

Retrieve the password for the bandit14 user and submit it to port 30000 on localhost.

Solution

First, we need the current password (found in the previous level or stored in /etc/bandit_pass/bandit14). Then, we pipe it into the nc command.

Here is the command:

cat /etc/bandit_pass/bandit14 | nc localhost 30000

Command Breakdown:

  1. cat ...: Prints the current password.
  2. |: Pipes the output to the next command.
  3. nc localhost 30000: Connects to port 30000 on localhost (this machine) and sends the piped data.

Alternative (Manual) Method:

You can also connect first and type the password manually:

nc localhost 30000
# (Once connected, paste the password and hit Enter)
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e

Output:

Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

Our new password: BfMYroe26WYalil77FoDi9qh59eK5xNr

Key Takeaways

  1. Ports: Communication endpoints for applications on a network.
  2. Netcat (nc): A versatile tool for reading from and writing to network connections. It can act as both a client and a server.
← Previous Post
OverTheWire Bandit: Level 13 → Level 14
Next Post →
OverTheWire Bandit: Level 15 → Level 16