The first level of Bandit, Level 0, is incredibly simple. You use the ssh command to connect to the game server. ssh stands for ‘secure shell’ and allows a user to connect securely to an ssh server. The website gives you the username and password required to access the server. Do not get used to that…
Level 0 -> Level 1 introduces some simple commands; ls and cat. ls lists the files in your current directory and cat outputs the contents of a file. The ls command can be modified by adding an option as seen below.
ls is the most basic, ls -a includes entries that start with ‘.’ and ls -l uses a longer listing format. These options can be used in conjunction e.g. ls -al.
As mentioned above, cat simply outputs the contents of a file, we can see that the file readme contained the password for the next level.
The next step is to copy the password to the clipboard and then connect via ssh to the next level.
When I first went through these levels I ran into a problem at this point, after getting the password I tried to use ssh email@example.com. This threw up an error stating that I couldn’t connect. After some digging and conversation in the Over The Wire IRC channel I was told that the machine that the game is hosted on doesn’t make outgoing connections for security reasons. So because I was already connected to the machine, it wouldn’t connect. What I had to do was to use the exit command to log out of the current ssh session and then log back in using the usual command. I also found that instead of logging out I could simply use ssh bandit1@localhost to connect because all the levels are hosted on the same machine and I technically wasn’t making an outbound connection.
For nearly all commands there is a manual page that can be accessed by adding man in front of the command e.g. man ls, man cat. The manual shows you the correct syntax for commands and gives a list of options that can be used and the effects that they have.