OverTheWire: Bandit Walkthrough

Solutions are hidden until revealed β€” try it yourself first!

Bandit Level 0: Enter the Game

View the challenge on OverTheWire

πŸ“ Goal

The goal of this level is to learn how to log into the game using SSH.

πŸ” Credentials

  • Username: bandit0
  • Password: bandit0
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

ssh, ls, cd, cat

πŸ’» Walkthrough

ssh [email protected] -p 2220

Bandit Level 0 β†’ 1

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

πŸ” Credentials

  • Username: bandit0
  • Bandit 0 Password: bandit0
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

ls, cd, cat

πŸ’» Walkthrough

bandit0@bandit:~$ ls
readme
bandit0@bandit:~$ cat readme
Bandit 1 Password

ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If

Bandit Level 1 β†’ 2

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in a file called - located in the home directory

πŸ” Credentials

  • Username: bandit1
  • Bandit 1 Password: ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

ls, cd, cat

πŸ’» Walkthrough

bandit0@bandit:~$ ls
-
bandit0@bandit:~$ cat <-
Bandit 2 Password

263JGJPfgU6LtdEvgfWU1XP5yac29mFx

Bandit Level 2 β†’ 3

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in a file called --spaces in this filename-- located in the home directory.

πŸ” Credentials

  • Username: bandit2
  • Bandit 2 Password: 263JGJPfgU6LtdEvgfWU1XP5yac29mFx
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

ls, cat, quoting, -- (argument terminator)

πŸ’» Walkthrough

bandit2@bandit:~$ ls
--spaces in this filename--
bandit2@bandit:~$ cat -- "--spaces in this filename--"
Bandit 3 Password

MNk8KNH3Usiio41PRUEoDFPqfxLPlSmx

Bandit Level 3 β†’ 4

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in a hidden file in the inhere directory.

πŸ” Credentials

  • Username: bandit3
  • Bandit 3 Password: MNk8KNH3Usiio41PRUEoDFPqfxLPlSmx
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

ls, ls -a, cd, cat

πŸ’» Walkthrough

bandit3@bandit:~$ ls
inhere
bandit3@bandit:~$ cd inhere
bandit3@bandit:~/inhere$ ls
bandit3@bandit:~/inhere$ ls -al
total 12
drwxr-xr-x 2 root    root    4096 Jul 28 19:03 .
drwxr-xr-x 3 root    root    4096 Jul 28 19:03 ..
-rw-r----- 1 bandit4 bandit3   33 Jul 28 19:03 ...Hiding-From-You
bandit3@bandit:~/inhere$ cat ...Hiding-From-You
Bandit 4 Password

2WmrDFRmJIq3IPxneAaMGhap0pFhF3NJ

Bandit Level 4 β†’ 5

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in the only human-readable file in the inhere directory.

πŸ” Credentials

  • Username: bandit4
  • Bandit 4 Password: 2WmrDFRmJIq3IPxneAaMGhap0pFhF3NJ
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

ls, cd, file, cat, ./-file*

πŸ’» Walkthrough

bandit4@bandit:~$ ls
inhere
bandit4@bandit:~$ cd inhere
bandit4@bandit:~/inhere$ ls
-file00  -file01  -file02  -file03  -file04  -file05  -file06  -file07  -file08  -file09
bandit4@bandit:~/inhere$ file ./*
./-file00: data
./-file01: data
./-file02: data
./-file03: data
./-file04: data
./-file05: data
./-file06: data
./-file07: ASCII text
./-file08: data
./-file09: data
bandit4@bandit:~/inhere$ cat ./-file07
Bandit 5 Password

4oQYVPkxZOOEOO5pTW81FB8j8lxXGUQw

Bandit Level 5 β†’ 6

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in a file somewhere under the inhere directory. The file is human-readable, 1033 bytes in size, and not executable.

πŸ” Credentials

  • Username: bandit5
  • Bandit 5 Password: 4oQYVPkxZOOEOO5pTW81FB8j8lxXGUQw
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

find, cat, ls, cd

πŸ’» Walkthrough

bandit5@bandit:~$ ls
inhere
bandit5@bandit:~$ cd inhere
bandit5@bandit:~/inhere$ ls -al
# (output showing many maybehereXX directories)

bandit5@bandit:~/inhere$ find -type f ! -executable -size 1033c
./maybehere07/.file2

bandit5@bandit:~/inhere$ cd maybehere07 && cat .file2
Bandit 6 Password

HWasnPhtq9AVKe0dmk45nxy20cvUa6EG

Bandit Level 6 β†’ 7

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in a file somewhere under the inhere directory. The file is human-readable, 1033 bytes in size, and not executable.

πŸ” Credentials

  • Username: bandit6
  • Bandit 6 Password: HWasnPhtq9AVKe0dmk45nxy20cvUa6EG
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

find, cat, 2>/dev/null

πŸ’» Walkthrough

bandit6@bandit:~$ find / -type f -user bandit7 -group bandit6 -size 33c 2>/dev/null
/var/lib/dpkg/info/bandit7.password

bandit6@bandit:~$ cat /var/lib/dpkg/info/bandit7.password

🧠 Explanation

πŸ”Ή Why find /?

The / tells find to start searching from the root of the filesystem. Since we don’t know where the target file is located, we have to search every directory on the system.

If you ran find . instead, it would only search the current directory and its subfolders β€” and you'd miss the file.

πŸ”Ή What does the find command do?

find / -type f -user bandit7 -group bandit6 -size 33c

This searches for files that meet all of these criteria:

  • -type f β†’ it's a regular file
  • -user bandit7 β†’ the file is owned by the user bandit7
  • -group bandit6 β†’ the file belongs to the group bandit6
  • -size 33c β†’ the file is exactly 33 bytes (the c suffix means "bytes")

πŸ”Ή Why add 2>/dev/null?

When searching from /, the find command will try to access restricted system directories, which throws lots of "Permission denied" errors.

To suppress that noise:

2>/dev/null
  • 2 = standard error (stderr)
  • > = redirect
  • /dev/null = a "black hole" that discards the errors

This keeps your output clean, so you only see valid results like:

/var/lib/dpkg/info/bandit7.password
Bandit 7 Password

morbNTDkSW6jIlUc0ymOdMaLnOlFVAaj

Bandit Level 7 β†’ 8

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in the file data.txt and is the only line containing the word β€œmillionth.”

πŸ” Credentials

  • Username: bandit7
  • Bandit 7 Password: morbNTDkSW6jIlUc0ymOdMaLnOlFVAaj
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

cat, grep

πŸ’» Walkthrough

bandit7@bandit:~$ ls
data.txt

bandit7@bandit:~$ cat data.txt | grep millionth
millionth    dfwvzFQi4mU0wfNbFOe9RoWskMLg7eEc

🧠 Explanation

πŸ”Ή Why use grep?

The challenge says the password is on the only line that contains the word "millionth" β€” so instead of manually searching, we use grep to filter it out.

πŸ”Ή What does this command do?

cat data.txt | grep millionth
  • cat data.txt β†’ prints the entire file.
  • | β†’ pipes the output to the next command.
  • grep millionth β†’ filters only the lines that include the word "millionth".

πŸ”Ή Cleaner Alternative

You can do the same thing with:

grep millionth data.txt

This skips the cat and is more efficient.

Bandit 8 Password

dfwvzFQi4mU0wfNbFOe9RoWskMLg7eEc

Bandit Level 8 β†’ 9

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in the file data.txt and is the only line that occurs exactly once.

πŸ” Credentials

  • Username: bandit8
  • Bandit 8 Password: dfwvzFQi4mU0wfNbFOe9RoWskMLg7eEc
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

sort, uniq -u

πŸ’» Walkthrough

bandit8@bandit:~$ ls -al
# (output showing data.txt owned by bandit9)

bandit8@bandit:~$ sort data.txt | uniq -u
4CKMh1JI91bUIZZPXDqGanal4xvAg0JM

🧠 Explanation

πŸ”Ή Why use sort?

The uniq command only works on consecutive matching lines.
By sorting the file first, all duplicate lines are grouped together, which allows uniq to detect them correctly.

πŸ”Ή What does uniq -u mean?

uniq -u
  • uniq filters out repeated lines.
  • -u (unique) means β€œonly show lines that appear once.”

πŸ”Ή Why use this combination?

sort data.txt | uniq -u

This pipeline:

  1. Sorts all lines in data.txt alphabetically so duplicates are next to each other.
  2. Passes that to uniq -u, which returns only the line that occurs exactly once.

That line is the password.

Bandit 9 Password

4CKMh1JI91bUIZZPXDqGanal4xvAg0JM

Bandit Level 9 β†’ 10

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in the file data.txt and is hidden amongst binary data. You’ll need to extract the human-readable strings and look for a line containing ===.

πŸ” Credentials

  • Username: bandit9
  • Bandit 9 Password: 4CKMh1JI91bUIZZPXDqGanal4xvAg0JM
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

strings, grep

πŸ’» Walkthrough

bandit9@bandit:~$ ls -al
# (output showing data.txt owned by bandit10)

bandit9@bandit:~$ strings data.txt | grep ===
========== the
D========== password
w========== is
========== FGUW5ilLVJrxX9kMYMmlN4MgbpfMiqey

🧠 Explanation

πŸ”Ή Why use strings?

The data.txt file contains mostly binary data. The strings command filters out that noise and extracts only human-readable ASCII text.

πŸ”Ή Why pipe to grep ===?

The challenge says the password is next to the "===" marker.
By filtering the output of strings with grep ===, you extract only the lines that might contain the password.

πŸ”Ή What’s the result?

Among the extracted lines, the one containing the actual password is:

========== FGUW5ilLVJrxX9kMYMmlN4MgbpfMiqey
Bandit 10 Password

FGUW5ilLVJrxX9kMYMmlN4MgbpfMiqey

Bandit Level 10 β†’ 11

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in the file data.txt, which contains base64-encoded text. You’ll need to decode it to find the password.

πŸ” Credentials

  • Username: bandit10
  • Bandit 10 Password: FGUW5ilLVJrxX9kMYMmlN4MgbpfMiqey
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

base64

πŸ’» Walkthrough

bandit10@bandit:~$ ls -al
# (output showing data.txt owned by bandit11)

bandit10@bandit:~$ base64 -d data.txt
The password is dtR173fZKb0RRsDFSGsg2RWnpNVj3qRr

🧠 Explanation

πŸ”Ή Why use base64 -d?

The file is encoded in base64, a way of encoding binary data into readable ASCII characters.
To get the original message (the password), you decode it using:

base64 -d data.txt
  • base64 is the command
  • -d means β€œdecode”

This outputs the original plaintext, which includes the password.

Bandit 11 Password

dtR173fZKb0RRsDFSGsg2RWnpNVj3qRr

Bandit Level 11 β†’ 12

View the challenge on OverTheWire

πŸ“ Goal

The password for the next level is stored in the file data.txt and is encoded using ROT13. You'll need to decode it to reveal the password.

πŸ” Credentials

  • Username: bandit11
  • Bandit 11 Password: dtR173fZKb0RRsDFSGsg2RWnpNVj3qRr
  • Host: bandit.labs.overthewire.org
  • Port: 2220

πŸ›  Useful Commands

tr 'A-Za-z' 'N-ZA-Mn-za-m'

πŸ’» Walkthrough

bandit11@bandit:~$ ls -al
# (output showing data.txt owned by bandit12)

bandit11@bandit:~$ tr 'A-Za-z' 'N-ZA-Mn-za-m' < data.txt
The password is 7x16WNeHIi5YkIhWsfFIqoognUTyj9Q4

🧠 Explanation

πŸ”Ή Why use tr?

The file uses ROT13 β€” a simple substitution cipher where each letter is rotated 13 positions in the alphabet.

The tr command can decode this by remapping letters:

tr 'A-Za-z' 'N-ZA-Mn-za-m'

This tells tr to:

  • Take uppercase A–Z and lowercase a–z
  • Replace each with the letter 13 positions ahead (wrapping around the alphabet)

πŸ”Ή Why use < data.txt?

This redirects the contents of data.txt into tr as input, allowing it to decode and print the result directly.

Bandit 12 Password

7x16WNeHIi5YkIhWsfFIqoognUTyj9Q4