Over the Wire - Bandit 5

Bandit 5

Objectives

The password for the next level is stored in the only human-readable file in the inheredirectory. Tip: if your terminal is messed up, try the “reset” command.


Solution

Ok

so after we login we see a familiar inhere directory listed in the home directory for bandit 4 lets see whats in there

bandit4@bandit:~$ cd ./inhere/ && ls -ltotal 40-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file00-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file01-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file02-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file03-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file04-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file05-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file06-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file07-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file08-rw-r----- 1 bandit5 bandit4 33 Oct 16  2018 -file09

we see 10 files named in the convention -file0*  let's see what type of files they are

bandit4@bandit:~/inhere$ file ./-file0*./-file00: data./-file01: data./-file02: data./-file03: data./-file04: data./-file05: data./-file06: data./-file07: ASCII text./-file08: data./-file09: data

we also could have checked the mime types here

bandit4@bandit:~/inhere$ file --mime-type ./-file0*./-file00: application/octet-stream./-file01: application/octet-stream./-file02: application/octet-stream./-file03: application/octet-stream./-file04: application/octet-stream./-file05: application/octet-stream./-file06: application/octet-stream./-file07: text/plain./-file08: application/octet-stream./-file09: application/octet-stream

Either way we see that -file07 is a text ascii file. Give the the requirement that the password is in the only human readable file I think we can assume from here that -file07 is where our password is

bandit4@bandit:~/inhere$ cat ./-file07koReBOKuIDDepwhWk7jZC0RTdopnAYKh

And there it is our password for the next level


now lets do it with python

I spent hours trying to script out a file that would read the mime types of the files and then put them through and while state statement with an if inside to parse our just file07 but I at this point in my python journey just couldn't get there especially since I couldn't use the magic library on the overthewire server...
so in the in the end I just made this script that gets all the files in the directory and prints the content out to the  screen... its ugly but its was the best I could do right now

import os

filesvar = os.listdir(os.curdir)count = 0

while count <=len(filesvar): print filesvar[count] f = open(filesvar[count]) f.read()
 count +=1

bandit4@bandit:~/inhere$ pythonPython 2.7.13 (default, Sep 26 2018, 18:42:22)[GCC 6.3.0 20170516] on linux2Type "help", "copyright", "credits" or "license" for more information.>>> import os>>>>>>>>> filesvar = os.listdir(os.curdir)>>> count = 0>>>>>>>>> while count <=len(filesvar):...  print filesvar[count]...  f = open(filesvar[count])...  f.read()
...  count +=1...-file09'N\xbb{\xe0\xea\xbdY\xb3d\x144\xd6\xd4\xf5\x93\x1a]3\xae\xa9\x00\xdc\xdf\xc4\x179(\xc2\nQ\x96\x88\xad'-file06'\x9c\x05\xa9@\xb9%@\xe4\xda\xcd\x18ZP*E\x02\x02\xa6\xf31\xc3V\x83\x99\x97\xcc\xab*\xa6\xae\x89\x19\xdb'-file01'\xbb\x98\xd8U"7\xa2w\x19\xe2\xda\xdeH\x81\xab\xc3\xaa\xd0Q\x90\xf4\x8d\x82(\x91\x04\xec\xc4#\xa6\xad\xd2\x00'-file02'\xe9\x1eT\x1f\x9ev\x9a\x8d(\xf1\xd6\xb4\xb2\x82\x9b\x83\xecA*\x95\n2\x15J\x89\xc5\x9e\xd8\x87_\xb5y7'-file05'+\x14\x03\xac\xbbp\x03\x10m\x1e\x01\xff\xb8\x87;\x11\xdd\xec:D\x98\xf8^\x9a\xba@\x00\xe2gl\xddQ\xeb'-file03'\xe9\x96.A\x88\xe9u\x9e\xfc#\xe7\xd5\x1c\xc5w$N?c\x83-\x9d\xbbDb3\x14\x8b\xe0=\xf6\x02\xf8'-file08"\x10\x1dFPn\xa1\x0b'\x8bU\xf4\x07\xb9\xe2M\xb7\x97/u\x0cXS\n\x8amu\xb2z\xf0\xc7\xc0\xd1\x85"-file07'koReBOKuIDDepwhWk7jZC0RTdopnAYKh\n'-file04'\x8e=<\xc2\x08\x8bW\xde\x07\xf5\xd6\x10\x00\x87\xa3ht\x84\x07Z\x93\x93!\x18\x10\x95\xdb{\x19\x96U\x0b\xf8'-file00'pC\xb5\xc4\r\xe8\xf7\xac\x82\xa8\xb0\x9e\x80\x13\xf4\xa6~%\t\x13C[\xa7\xea\xb1\xb1>\xfa\xd0\x04| \x94'