The password for the next level is stored somewhere on the server and has all of the following properties:
owned by user bandit7
owned by group bandit6
33 bytes in size
Commands you may need to solve this level: ls, cd, cat, file, du, find, grep
Lets see wich files there are in the home directory by doing ‘ls’, there are no files. They should be somewhere in the server, okaay.
Lets see the manpage of find to see which options we can use to locate the file with the specific specifications listed in the goal.
so what we found before is that we can use the -size n option, By reading the manpage we can use the option -user uname and -group gname. So lets try the next command:
find -size 33c -user bandit7 -group bandit6
We get no output, this is because we are still in the home directory. Lets move to / by doing and run the command again
We got a big list of files that match this file, with alot of error messages saying permission denied. If we add a redirect from errors to dev/null we should get a cleaner output.
find -size 33c -user bandit7 -group bandit6 2>/dev/null
Now there is only 1 file left in ./var/lib/dpkg/info/bandit7.password. Lets cat this file
there is the password.