About Me
Avatar
Part time CTF Player learn every day!!
🌠 I Love Hoshimachi Suisei!! 🌠
🌠 I Love Hoshimachi Suisei!! 🌠

OverTheWire Bandit Level 3 → 4 tutorial!!

overthewire bandit walkthrough ctf linux beginner
Published on 11 Jan 2023

Login

Log in as bandit3 using the password you just obtained from Level 2 → 3.

ssh bandit3@bandit.labs.overthewire.org -p 2220
# password: MNk8KNH3Usiio41PRUEoDFPqfxLPlSmx

Why? Each Bandit level is a separate UNIX user. To solve 3 → 4, you must be the bandit3 user.

Task

Task

The password for the next level is stored in a hidden file named ...Hiding-From-You inside the directory inhere in bandit3’s home.

A little bit of Theory

  • Files are hidden if their name starts with a dot .. ...Hiding-From-You starts with a dot (actually three dots), so it’s hidden too.
  • Use ls -a / ls -la to list all files, including hidden ones.

  • The filename has no spaces; the hyphens are regular characters. You can still quote it to avoid typos:

    cat "...Hiding-From-You"

    or prefix with a path:

    cat ./...Hiding-From-You
  • Relative vs absolute paths: ./...Hiding-From-You (current dir) vs /home/bandit3/inhere/...Hiding-From-You.

Further reading:

Solution

  1. Go to the inhere directory

    cd inhere

    Why? The challenge states the hidden file is inside inhere.

  2. List everything (including hidden files)

    ls -la

    Why? Hidden files appear only with -a/-la. You should see ...Hiding-From-You.

  3. Read the hidden file

    cat "...Hiding-From-You"
# or
cat ./...Hiding-From-You

    Why? Prints the password to the screen; quoting/path prefix prevents mistakes.

cat

  1. Copy the password (no extra spaces/newlines).

  2. Log into the next level (bandit4)

    exit
ssh bandit4@bandit.labs.overthewire.org -p 2220
# paste the password you just found when prompted

Password

This is the password shown in my run; if yours differs, copy the one from your own terminal output.

2WmrDFRmJIq3IPxneAaMGhap0pFhF3NJ

Troubleshooting

  • No such file or directory → Ensure you’re in inhere and the filename is exactly ...Hiding-From-You (three leading dots).
  • Nothing appears with ls → Use ls -a/ls -la.
  • Permission denied → Confirm you’re logged in as bandit3.

Congrats 🎉 You found the hidden file and can now play as bandit4.

Thanks for reading!

Until next time — Otsumachi!! 💖☄️✨

Cinema

related posts

all tags

GOT-overwrite aboutme aead ai alphanumeric-shellcode apt argc0 argon2 aslr assembly asymmetric atoi automation backbox bandit base64 bash beginner behemoth binary binary-exploitation binary-to-ascii blackarch blind blind-sqli blogging blue-team bruteforce buffer-overflow buffer-overwrite c caesar canary capabilities checksec command-injection commonmark cookie cron crypto cryptography ctf cutter cyberchef cybersecurity defenders detection dev directory-traversal dnf docs drifter ecc education elf env envp exploitation finale forensics format-string formulaone frequency frequency-analysis gcc gdb getchar gfm ghidra github-pages governance gpg guide hashing hkdf http jekyll jmpbuf kali kasiski kdf kernel keylength kramdown krypton lab ld_preload leviathan lfi lfsr linux linux-syscall llmops log-poisoning ltrace manpage markdown maze memcpy mitigations mitmproxy mlops narnia natas networking newline-injection nonce nop-sled nx object-injection obsidian openssl osint overflow overthewire package-manager pacman parrot path path-hijacking pathname php pie pkc pki pointer-trick pqc priv-esc privilege-escalation provable-security pwn pwntools pyshark python race-condition radare2 rag randomness recon red-team redirect relro requests ret2env ret2libc reverse-engineering reversing ricing roadmap rop rot13 rsa scapy security seed seo serialization session setjmp-longjmp setuid shell shellcode smoke soc sockets sprintf sql-injection srop stack-canary stack-overflow strace strcmp strcpy streamcipher strings strncpy strtoul substitution suid suisei symlink symmetric terminal test threat-intel time-based tls troubleshooting tshark type-juggling ubuntu udp utumno vigenere virtualbox virtualization vmware vortex walkthrough web windows wireshark writing wsl x86
dash theme for Jekyll by bitbrain made with