Level 18 – bandit – overthewire
Level Instructions:
“The password for the next level is stored in a file readme in the homedirectory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.”
bandit17@bandit:~$ ssh bandit18@localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
...
...
...
Byebye !
Connection to localhost closed.
bandit17@bandit:~$ ssh bandit18@localhost cat readme
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
...
...
...
bandit18@localhost's password:
IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
As hinted in the instructions for level 17 upon logging into bandit18 we receive a ‘Byebye !’ message right before our connection is automatically terminated.
Since we know that the password resides in a readme file within the home directory, we can append ‘cat readme’ to our connection command to print the contents of that file before our connection is terminated.