OverTheWire Bandit: Level 3 → Level 4

1. Context

We have logged in as bandit3. The password for the next level is stored in a hidden file within the inhere directory. Our task is to locate and read this file.

2. Technical Logic

In the Linux filesystem, “hidden” is not a file attribute but a naming convention. Any file or directory whose name begins with a dot (.) is considered “hidden” (e.g., .bashrc, .git).

The standard ls command does not list these files by default to keep the output clean. To override this filter and see all files, we must use the -a parameter.

System administrators often combine -a (all files) with -l (long listing) to form ls -la. This provides valuable details like file permissions and size immediately.

3. Execution

Step 1: Navigate to Target Directory

ls
# Output: inhere
cd inhere

Step 2: List Files (Standard Approach)

ls
# Output: (Empty)

At first glance, the directory appears empty.

Step 3: List Hidden Files (Professional Approach) While -a is sufficient, using -la (long + all) is a good habit to check file permissions instantly.

ls -la
# Output:
# drwxr-xr-x 2 root    root    4096 Oct 14 09:26 .
# drwxr-xr-x 3 root    root    4096 Oct 14 09:26 ..
# -rw-r----- 1 bandit4 bandit3   33 Oct 14 09:26 ...Hiding-From-You

Here, besides . (current dir) and .. (parent dir), we see our target file ...Hiding-From-You with full usage permissions.

Step 4: Read Content

cat ...Hiding-From-You
# Output: [The password is here]

4. Result

Retrieve the password and proceed to the next level. Logout: exit New Connection: ssh bandit4@bandit.labs.overthewire.org -p 2220