- Get link
- X
- Other Apps
- Get link
- X
- Other Apps
Bandit Level 3 Walkthrough
Level 2 ➔ Level 3: Dealing with Spaces in Filenames
1. Analyzing the Mission Brief
In the Level 3 screenshot, the challenge is clear: "The password is stored in a file called spaces in this filename."
Key Insights from the Image:
- Target Filename:
spaces in this filename - The Problem: If you type
cat spaces in this filename, Linux will think you are trying to open 4 different files: "spaces", "in", "this", and "filename". It will fail because none of those files exist individually.
2. The Feynman Explanation: Spaces as Separators
In the Linux terminal, a Space is not just a character; it's a Separator. It’s how the computer knows where one command ends and the next piece of information begins.
The Grocery Store Analogy:
Imagine you give a shopping list to a robot that only understands one word at a time. If you write: Green Apples, the robot looks for a "Green" and then looks for an "Apples." It gets confused because "Green" isn't an item.
To fix this, you have two choices:
- Put it in a box (Quotes): Tell the robot
"Green Apples". The quotes act as a box, telling the robot "everything inside this box is ONE item." - Glue them together (Escape Characters): Tell the robot
Green\ Apples. The backslash acts like glue, telling the robot "don't stop reading after the word Green; the space that follows is part of the name."
3. Step-by-Step Execution
Log in as bandit2 using the password from the previous level. Here are the two ways to solve this:
# Option 1: Using Double Quotes (The easiest way)
bandit2@bandit:~$ cat "spaces in this filename"
# Option 2: Using Backslashes (The manual way)
bandit2@bandit:~$ cat spaces\ in\ this\ filename
# Output (The Password):
MNVMH1X6igqlBDmpTDr6mL9vL9S9pqsS
bandit2@bandit:~$ cat "spaces in this filename"
# Option 2: Using Backslashes (The manual way)
bandit2@bandit:~$ cat spaces\ in\ this\ filename
# Output (The Password):
MNVMH1X6igqlBDmpTDr6mL9vL9S9pqsS
🚀 Pro Tips: Work Smarter, Not Harder
Real Linux experts almost never type out long filenames manually. Use these tricks to save time:
✨ The "Tab Completion" Magic (Must Know!)
Type cat ./--sp and then immediately press the TAB key on your keyboard. Linux will automatically fill in the rest of the name for you! If there are multiple files starting with 'sp', press TAB twice to see a list.
⭐ The Wildcard Shortcut
If you are lazy (like most hackers), you can use the asterisk (*). Type:
cat ./*--spaces*
The * tells Linux: "I don't care what letters come before or after, just find a file that has the word 'spaces' in it."
4. Why does this matter?
In the world of Cybersecurity, attackers often name files with spaces or strange characters to hide them from automated scripts that aren't programmed to handle them. Learning to navigate these files manually is a fundamental skill for any security researcher.
Great Job!
You've mastered special characters and spaces. Save the password and move to Level 3 ➔ Level 4, where we start hunting for hidden files!
Tags: #Linux #Bandit #OverTheWire #CatCommand #SpacesInFilename #TabCompletion #CyberSecurity #FeynmanTechnique #CodeWithPritom #ProTips
- Get link
- X
- Other Apps
Devoted to excellence as a Software Engineer
Comments
Post a Comment