Bandit Level 15 Walkthrough

Level 14 ➔ Level 15: Communicating with Network Services

1. My Objective

I am currently logged in as bandit14. My goal is to retrieve the password for Level 15. However, this password isn't in a file on the hard drive. Instead, it is being held by a "service" (a program) listening on port 30000 of the local machine (localhost). To get it, I must connect to that port and "pay" the service by sending the current level's password.

The Mission Requirements: I need two things: The password for bandit14 (which I found in the previous level at /etc/bandit_pass/bandit14) and a tool to talk to network ports.

2. The Feynman Explanation: Ports and Shopkeepers

In the previous levels, I was looking for things in "Rooms" (Folders). Now, I am dealing with "Services." To understand this, I use a simple analogy:

The Large Department Store Analogy:

Imagine the server is a giant Department Store. The IP Address (or localhost) is the address of the building. But inside, there are thousands of different departments. Each department has its own Port Number.

Department 80 might be Clothing (Web server), Department 22 might be Security (SSH). In this level, I need to go to Department 30000.

When I arrive at that counter, the clerk won't just give me the prize. I have to show them my "Receipt" (the bandit14 password). If the receipt is valid, they hand me the next password. To "walk" to that counter and talk to them, I use a tool called nc (Netcat)—it's like a digital telephone that can call any department in the building.

3. Practical Solution

I am already logged in as bandit14. First, I make sure I have my current password ready, then I use nc to connect to the service.

# Step 1: Copy my current password from the pass file
bandit14@bandit:~$ cat /etc/bandit_pass/bandit14
fGrHPno6pE6vSAr4S019SAb36906sV... (I copy this)

# Step 2: Use Netcat (nc) to connect to localhost on port 30000
bandit14@bandit:~$ nc localhost 30000

# Step 3: The terminal waits. I paste the password and hit ENTER.
fGrHPno6pE6vSAr4S019SAb36906sV...

# The service responds with the password for Level 15:
Correct!
jNo3No6pE6vSAr4S019SAb36906sV...

Why did I use nc?

I used nc (Netcat) because it is the "Swiss Army Knife" of networking. It allows me to create a raw connection to any port. While I could use telnet, nc is more reliable and faster for these kinds of tasks.

🚀 My Pro Tips: Working with Network Ports

✨ Checking Open Ports (nmap)

If I didn't know the port was 30000, I could use nmap to "scan" the building and see which doors are open:
nmap -p 30000-31000 localhost

⭐ Automation with Echo

If I wanted to be extra fast, I could "pipe" the password into netcat in one single line:
cat /etc/bandit_pass/bandit14 | nc localhost 30000

🔍 What is 'localhost'?

I always remember that localhost (or the IP 127.0.0.1) is like a mirror. It always points back to the machine I am currently standing on. I am talking to a service running on the same computer.

4. Why this matters

I use these concepts every time I debug a web application or test a firewall. In the real world, programs don't just communicate through files; they talk over the network. Understanding how to manually connect to a port and send data is the first step toward understanding how APIs, Databases, and the Internet itself work.

Connection Successful!

I've successfully exchanged data with a network service. I'll save the new password and move on to Level 15 ➔ Level 16, where I will learn about SSL/TLS encrypted connections!

Tags: #Linux #Bandit #OverTheWire #Networking #Ports #Netcat #NcCommand #Localhost #CyberSecurity #FeynmanTechnique #CodeWithPritom #ProTips