 Alright, hey, what's going on guys welcome back? My name is John Hammond and this is another YouTube video this time exploring some of the over-the-wire war games you can check them out at overthewire.org and Let's get started with just to kind of the easy start is a level band. That's the first war game They kind of recommend really when you're just getting started They say it's aimed at absolute beginners will teach you the basics need to be able to play other war games and improve your cyber security skill You can read through all this if you really really want to but I'll probably just run through a lot of it and Try and teach and showcase what I'm doing as we go along Level zero. It's just the very first the start of the war game It knows okay. The goal of this level is just for you to log into the game using SSH So secure shell they give you a host name here bandit.labs overthewire.org and the port is specifically 20 oh My good why am I playing on 2220 holy crap? I don't know why I just didn't even know how to read those numbers in the normal English way All right use name is banded zero and passive in this case It's just banded zero so we can just log in and then go to level one to figure out how to beat this etc So we just need to use SSH if you have not heard of that before you can check out the Wikipedia article on it But it is just a protocol For kind of doing remote control and actually accessing another computer from your own So I'm in Linux right now and that's is what going that's what makes over-the-wire Pretty pretty simple and pretty easy to do is having a Linux terminal because it is all in Linux itself So let's go ahead and make a directory for us to work and call over-the-wire and let's make a banded folder Because that's the word game that we're gonna be working on I'm gonna keep track of these usernames just in their own file here and Username and password so the username will just be that in itself for the file name and the password just be inside So I can do easy things like SSH and SSH pass if you haven't used SSH pass before it's pretty neat Let me show you it It's a non-interactive SSH password provider So rather than every single time if we were to SSH banded zero at banded.labs.over-the-wire.org If you haven't used this SSH command before we're using our username at the host name So it kind of looks like an email address But that's how we can specify that's the user I want to look into because otherwise we try and log in as Just the current user that we're working with like John in my case I'll try and make this connection, but it won't work because okay, maybe it will cool You'll see I'm trying to log in as John at banded.labs.over-the-wire.org but we need to specify we're using banded zero cool and SSH it said the wargame is running on port 200 in 2200 what I don't even freaking know these numbers. So okay The one with a lot of twos and a zero at the end 2200 so we need to specify that for SSH as well We can check out the man page if you don't really know how to do that But it says here the port is just specified with attack P argument attack P tag here Q to break out of the man page attack P 2200 And now it prompts us for banded zero password and we can use banded zero to log in just like that You'll see this giant message of the day here when they say welcome to the website welcome over the wire There are a lot of war games here And they're denoting how a lot of the levels are stored in the file system as well as in the passwords and they're an etc That pass that war game name and then pass following that You can see the temp directory is accessible for you You cannot write in the home directories as kind of normal for any war game, but we can work in the temp directory just like that Don't leave your stuff lying around and we'll just run through it We'll get into more of the cool stuff in Later war games, but banded we can just run through the simple easy to use Linux terminal stuff I know I'm already running pretty late in the length of this in this video But I want to show you as a sage pass. So if we were to use our banded zero file name It's just I'm catting out the file and the content of the file is just banded zero But take my word for it if we were to just use this with back ticks That's using bash is command substitution. So that echoes out and is replacing whatever this is It's replacing what's inside the back ticks with the actual output of this command So cat banded zero is going to replace everything in here with banded zero and we'll use this for later When we have other passwords that are just in like a banded one file or a banded two file, etc So we can use SSH pass now if you don't have it installed It should just be pseudo apt install SSH pass use apt-get if you need to Use tech y update if you need to hit enter when it asks you do you want to do this? Yes, or no blah blah blah, but that's how you can do it. I Shouldn't have to because it's already installed It'll ask you for your password if you're the first time you're in sudo again run through the basic stuff in case you've never done this before So now we can SSH pass We use tackpeds and know the password that we're using and in that case we'll use our command substitution just like we did with the back ticks and SSH pass actually requires the real SSH command following it which is kind of weird. I Want to see if they show you an example here. I Guess they don't whatever But you do end up using SSH and then the rest of your original SSH syntax here We'll run through the easy ones to start off with because I know this video is getting along and we'll use our tack p here and 2200 and 20 I can actually read it all right if you haven't used SSH pass before on a host That you haven't already accepted the like RSA key for Do just the regular SSH command to begin with? So you can hit yes and enter and accept the SSH key But I've already done that so we can just use SSH pass tack p where we would have our password We're just gonna replace it kind of as an argument here but we're using command substitution and the back ticks to replace it just to the final name and I hit enter and we're logged in just like that. Don't have to enter a password or anything Okay, so This level just says check out level one and it says okay the password is stored in the file called read me located in the home directory We see it there ls. Let's just cat it out and There's the password for the next level. I'm gonna copy and paste that put that in bandit one Paste it in there and now we can use the exact same command change the user and just change the file that we're catting out to And now we can just log into the next one now you can see I'm bandit one So what is a prompt for this one? Okay, this password is stored in this file with a hyphen as its name, okay? Let's try and cat that out But you can see nothing is really happening because That hyphen is actually a symbol in Linux and kind of the unique files and stuff to denote standard input to denote that file stream Zero zero standard input that is your input on the keyboard and it's not really a file. It's just the file descriptor for standard input for your actual keyboard Input so that's why if you were to just run cat with no arguments by default. It does that exact same thing just reading from standard input But using cat hyphen as an argument is just also doing the exact same thing Hyphen when we want it to refer to our file name. We're actually just unfortunately getting a standard input You can see this if we tried to run the file command on This On that hyphen again There's an issue it says. Oh, okay We've read input from our command prompt from our command line and then it says oh standard input That was just ASCII text if we try to use a file asterisk to denote this file here in the current path It would say What's going on? It's still reading from standard input So the way we can actually read this file is just denoting it from a relative path We can say cat the period to say our current Directory and a forward slash to know we're working within that directory and the file name here just before just the hyphen cool Now we've got that password copy paste that put that in bandit 2 just as a file name We will change the username that we're logging in with et cetera and we'll move to bandit 2 I am using the control key and the arrow keys just to move through my prompt very quickly in case you didn't know And we'll check out what the prompt is for this one Okay, so the password for the next level is stored in a file called spaces in this file name This isn't too hard. We can LS we see it there We can just cat this out and if we could start to type it we could hit tab to autocomplete And that'll fill out the rest of the file name for us And you'll notice using backslashes right before every space character to try and escape that space and to have the command line actually interpret it that well because you were to just try cat Spaces in this file name It will say oh, I can't read this file spaces. I can't read this file in I can't read this file this because it's trying to tokenize all of these individual words as Arguments and as things you're giving to cat to the cat command the cat program. So we can cat with Spaces in this file name or remember I use tab to autocomplete here and we can get the password just like that or if we wanted to use the Single quotes or double quotes here. Whatever way we want to determine. Okay. This is a full string That I'm going to pass as one argument here If we're using the quotes, it'll tell cat that this is a whole argument. This is itself is one argument So that will work just fine and we can leave the spaces without being escaped with the backslashes cool Okay, let's store that as bandit 3 and let's call the video Quits right here because we are going pretty long. I hope you guys enjoyed these I think they're pretty small pretty simple But they are getting into the war games like over the wire and bandit that you are Going to see all the time in the capture flag scene. So thanks for watching guys join me in the next video