OverTheWire.org Walkthrough: Bandit

~ Level 13→14 ~

Level Description

The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on.

ssh, telnet, nc, openssl, s_client, and nmap are all commands that may be used during this level.

A link regarding ssh and keys is also provided.


Research Before Solving

Following the provided link, we find information about private and public keys, which are used to authenticate and set up secure connections between two hosts. The article details how to create these keys and then how to secure them. We are also told how to transfer a public key out to hosts so that it may be used. The final portion gives troubleshooting information.

ssh has been used to log in to all levels thus far, so we will look at the switches this command has to offer. Scrolling down the list of options in the man page, we find that -i lets us pass a file from which a private key is read. The linked reading material advises that the computer being used to log in is the one that provides the private key.

The level description also mentions localhost, which corresponds to the IP address 127.0.0.1 and denotes the machine we are currently working from. Since this information is provided to us, we must assume that we will use it in our command.


Solution Walkthrough

Log in to the OverTheWire server as user bandit13. Start by using an ls to see the contents of the home directory.

using ls command to show private key file

We immediately find the private key to be used as the authentication key when connecting as bandit14. If you would like, feel free to cat this file to see what the key looks like.

contents of private key file

Now, we will use the information gained from our previous research to put together a command. We will use ssh along with the -i switch. The file to be used as the key comes next, sshkey.private in this instance. After that comes the user and host that we want to connect to. We want to connect as user bandit14. Since we are already logged into the server as bandit13, the host will be the localhost address, or 127.0.0.1. Putting all of this together, our command becomes:

ssh -i sshkey.private bandit14@127.0.0.1

When prompted for confirmation, type yes and hit enter.

type yes for confirmation

The ssh process may fail. If it does, simply resubmit the command. If you're unaware, while at the shell prompt you may hit the up and down arrows to navigate through previously used commands. Press up once and hit enter to resubmit the last command.

logged in as user bandit14
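A related check worth knowing when using ssh -i: OpenSSH ignores a private key file that is owned by the invoking user and readable by group or others. The following is an added example, not part of the original walkthrough; the helper names key_check and ssh_checked are hypothetical, and it assumes a POSIX shell with ls, cut and id available.

```shell
#!/bin/sh
# Added example: pre-flight check of a private key before `ssh -i`.
# key_check and ssh_checked are hypothetical helper names.

# key_check FILE -> prints a verdict and returns a matching status:
#   0 ok       readable PEM private key that passes the permission check
#   1 missing  not a readable regular file
#   2 notkey   first line is not a "-----BEGIN ... PRIVATE KEY-----" header
#   3 tooopen  owned by us with group/other bits set (ssh ignores such keys)
key_check() {
    f=$1
    case $f in /*) ;; *) f=./$f ;; esac      # keep names like "-x" from parsing as options
    [ -f "$f" ] && [ -r "$f" ] || { echo missing; return 1; }

    first=
    IFS= read -r first < "$f" || true         # an empty file leaves $first empty
    case $first in
        "-----BEGIN "*"PRIVATE KEY-----") ;;
        *) echo notkey; return 2 ;;
    esac

    # ls -ldn prints e.g. "-rw-r----- 1 1000 1000 ..."; field 3 is the numeric owner
    read -r mode links uid rest <<EOF
$(ls -ldn "$f")
EOF
    go=$(printf '%s' "$mode" | cut -c5-10)    # the six group+other permission bits
    if [ "$uid" = "$(id -u)" ] && [ "$go" != "------" ]; then
        echo tooopen; return 3
    fi
    echo ok
}

# ssh_checked KEYFILE USER@HOST: connect only if the key passes the check.
# Usage: ssh_checked sshkey.private bandit14@127.0.0.1
ssh_checked() {
    verdict=$(key_check "$1") || { echo "refusing $1: $verdict" >&2; return 1; }
    # IdentitiesOnly=yes: offer only this key, not others from an agent
    ssh -i "$1" -o IdentitiesOnly=yes "$2"
}
```

A tooopen verdict on a key you own is fixed with chmod 600 on the file.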

You are now logged in as user bandit14. The final piece to the puzzle is reading the password. We are told by the level designers the password is located at /etc/bandit_pass/bandit14. Using cat with this path reveals the password!

password for level 14

As usual, record the password. You must now exit out twice, once as the user bandit14 and once as user bandit13. Move on to the next level!

Password: 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e