OverTheWire Bandit Guide

Previous Level Guide: Bandit Level 31 → 32

Access

SSH: ssh bandit32@bandit.labs.overthewire.org -p 2220

Password: 0WBZ2GRz8qqNu15o3Rxfxc1UxGNDKdFQ

Info

After all this git stuff, it’s time for another escape. Good luck!
Commands: sh, man

Theory

The description doesn't give us any info on the level, so just skip over to the solution part.

Solution

When we enter we are greated with a message of horror:

WELCOME TO THE UPPERCASE SHELL
>>

So turns out whatever command we put into it, it will read it as uppercase, which is bad because all the commands we've seen so far are lowercase. So we would need something that has all caps, and can break us out of this shell. And there is a solution, variables, which in Linux, they are all uppercase which makes it perfect for this, but there is one that can let us out of this shell. Variables in Linux are divided into shell variables (made by shell) and environment variables (in the entire system), and specifically $0 is a variable that helps us do just what we need to break out of the uppercase shell. So if we just type in $0:

>> $0

$ whoami
bandit33

There we go! We are in our usual shell, not only that, but it's the shell of the next level for some reason, so we can just grab the password from here:

$ cat /etc/bandit_pass/bandit33
GaD9x8jUHhhAYrOgmcqPrP0n59weW02S

$ exit

>> EXIT
sh: 1: EXIT: Permission denied

>> ^C
Connection to bandit.labs.overthewire.org closed.

Bruh, exit doesn't work. Good thing we have Ctrl+C.

Anyways, that's the password! Now we should be good to go to the next level.