OverTheWire.org Walkthrough: Bandit

~ Level 26→27 ~

Level Description

Good job getting a shell! Now hurry and grab the password for bandit27!

Commands that might be used: ls


Research Before Solving

No research is required, we just need to use some critical thinking.


Solution Walkthrough

When logging into the OverTheWire server as user bandit26 we are immediately kicked out. We learned of this phenomenon in the last level, when we were told that bandit26 does not load into a traditional bash shell.

session as bandit26 closed

We need to do something similar to the previous level, so log into bandit25 again. Make sure to resize your window and then issue the command to use the given private key: ssh -i bandit26.sshkey bandit26@127.0.0.1

We need to create a bash shell so that we can stay logged in as user bandit26. To do this, after hitting v to enter vim, we will type :set shell=/bin/bash. This command sets vim's shell option, the program vim launches when asked for a shell, to /bin/bash.

:set shell=/bin/bash

We then need to hit shift and = simultaneously so that we may enter the next command: :shell. This starts the program that shell is set to, giving us a bash shell.

use :shell to call variable

After pressing enter, you should now be logged into the server as bandit26.

logged in as bandit26

We can then ls the home directory to list its contents. Sidenote: feel free to resize your window back to normal to help with accessibility.

contents of bandit26 home directory

We see a file eerily similar to one from level 19→20. The red background denotes escalated privileges. If we run the file we see the following output:

file lets you run a command as another user

Our suspicions were correct! We can now run a final command to show the password: ./bandit27-do cat /etc/bandit_pass/bandit27

password to bandit27

Password: 3ba3118a22e93127a4ed485be72ef5ea

It is easiest to once again close your session window and then reopen your ssh client before starting the next level.
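
The red background that marks bandit27-do in the listing is how ls colours a file with the setuid bit, and the same fact can be read from the mode bits without relying on terminal colours. The script below is an added example, not part of the original walkthrough: audit_setid and make_sample are hypothetical helper names, and the sample directory is constructed, with an empty bandit27-do standing in for the real binary.

```shell
#!/bin/sh
# Added example: list setuid/setgid files in a directory and the identity
# a command started through them would run as.

# audit_setid DIR
# For each regular file directly inside DIR, print one line per special bit:
#   <name> setuid runs-as-user=<owner>
#   <name> setgid runs-as-group=<group>
audit_setid() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        if [ -u "$f" ]; then    # -u is true when the setuid bit is set
            printf '%s setuid runs-as-user=%s\n' "${f##*/}" \
                "$(ls -ld "$f" | awk '{print $3}')"
        fi
        if [ -g "$f" ]; then    # -g is true when the setgid bit is set
            printf '%s setgid runs-as-group=%s\n' "${f##*/}" \
                "$(ls -ld "$f" | awk '{print $4}')"
        fi
    done
}

# make_sample
# Build a constructed directory with one setuid file and one ordinary file,
# then print its path. The files are owned by whoever runs the script.
make_sample() {
    d=$(mktemp -d)
    printf '#!/bin/sh\n' > "$d/bandit27-do"
    chmod 4755 "$d/bandit27-do"     # rwsr-xr-x: the "s" is the setuid bit
    printf 'notes\n' > "$d/text.txt"
    chmod 0644 "$d/text.txt"
    printf '%s\n' "$d"
}

# Demo on the constructed sample; only bandit27-do should be reported.
sample=$(make_sample)
audit_setid "$sample"
rm -rf "$sample"
```

On the real server the reported owner would be the account whose privileges the helper lends to the caller, which is why cat can read /etc/bandit_pass/bandit27 through it.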