2026-01-27 · 1 min read

OverTheWire - Bandit writeups

Sharing this writeups by following overthewire rules. This writing have Level 0, 1 the baby step.

Given SSH Information on the site-

Host: bandit.labs.overthewire.org  
Port: 2220

using ssh to login-

 ssh bandit0@bandit.labs.overthewire.org -p 2220

Bandit Level 0

ssh bandit0@bandit.labs.overthewire.org -p 2220
given password: bandit0

after logged in-

bandit0@bandit:~$ ls
readme

bandit0@bandit:~$ cat readme
Congratulations on your first steps into the bandit game!!
The password you are looking for is: iKLXTmM6FvvyRnrb9rfNWOZOTa6ip56Z

Make sure you store the collected password for next login.

use exit to logged out.

Bandit Level 1 → Level 2

ssh bandit1@bandit.labs.overthewire.org -p 2220
found password: iKLXTmM6FvvyRnrb9rfNWOZOTa6ip56Z

bandit1@bandit:~$ ls
-

bandit1@bandit:~$ cat ./-
123JGJPfgU6LtABCdfWU1XP5yac30mJJ

bandit1@bandit:~$ exit
logout
Connection to bandit.labs.overthewire.org closed.

Explanation: To read a file named - (literal dash filename) in Linux:

cat ./ - (prefix ./ to disambiguate from stdin).
cat -- - (-- ends options, treats - as filename).
cat ./- (same as first).

Copyright © 2026 Mahidul Haque. This post is licensed under a CC BY-NC-ND 4.0 license. You may read, learn, and share links to this post for non‑commercial, educational purposes, as long as you give appropriate attribution. You may not copy, reproduce, adapt, distribute, or use this work commercially without explicit permission.