Level 30 — The hidden branch There is a git repository at ssh://bandit30-git@localhost:2220/home/bandit30-git/repo via the port 2220. The password for the user bandit30-git is the same as for t...

Level 24 — Brute force a 4-digit PIN A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. The...

Level 18 — The .bashrc that kicks you out The password for the next level is stored in the file readme in the home directory. Unfortunately, someone has modified .bashrc to log you out when you...

Level 12 — The hexdump russian nesting doll The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it m...

Level 6 — Find across the whole filesystem The password for the next level is stored in a file somewhere on the server and has all of the following properties: owned by user bandit7, owned by g...

I’m starting this OverTheWire Bandit wargames series while running some beginner-friendly CTF meetings for the cybersecurity club at my university. Since I’m already solving the levels ahead of tim...