Intro

Привет товарищ,
Today I will show you how solve all challenges from the wargame "Bandit" from OverTheWire. http://overthewire.org/wargames/bandit/


Little Memo

Before running into these challenges let's remind basic stuff.

How search in linux manual

man command on linux can be use to search for keyword.
Open any manual

man ls

Once it's done simply type
(Off course, replace KEYWORD by your search term little го́пник)

/KEYWORD

To go next occurrence simply type slash (/) again without KEYWORD.

asciicast

Now let's do the real job.



Bandit Level 0 → Level 1: го́пник test

Context

The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

Solution

Very basic test.

bandit0@bandit:~$ ls
readme
bandit0@bandit:~$ cat readme
bandit0@bandit:~$ boJ9jbbUNNfktd78OOpsqOltutMc3MY1

gif
Simple as that

Bandit Level 1 → Level 2: Dashed filename

Context

The password for the next level is stored in a file called - located in the home directory

Solution

bandit1@bandit:~$ ls -al
bandit1@bandit:~$ cat ./-
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9

gif

Bandit Level 2 → Level 3: Space in filename

Context

The password for the next level is stored in a file called spaces in this filename located in the home directory

Solution

bandit2@bandit:~$ ls
spaces in this filename
bandit2@bandit:~$ cat spaces\ in\ this\ filename
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK

gif

Bandit Level 3 → Level 4: Hidden file

Context

The password for the next level is stored in a hidden file in the inhere directory.

Solution

bandit3@bandit:~$ ls inhere/
bandit3@bandit:~$ ls -al inhere/
total 12
drwxr-xr-x 2 root    root    4096 Oct 16 14:00 .
drwxr-xr-x 3 root    root    4096 Oct 16 14:00 ..
-rw-r----- 1 bandit4 bandit3   33 Oct 16 14:00 .hidden

bandit3@bandit:~$ cat inhere/.hidden
pIwrPrtPN36QITSp3EQaw936yaFoFgAB

gif

Bandit Level 4 → Level 5: Only 1 readable file

Context

The password for the next level is stored in the only human-readable file in the inhere directory. Tip: if your terminal is messed up, try the “reset” command.

Solution

bandit4@bandit:~$ ls -Ral
./inhere:
total 48
drwxr-xr-x 2 root    root    4096 Oct 16 14:00 .
drwxr-xr-x 3 root    root    4096 Oct 16 14:00 ..
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file00
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file01
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file02
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file03
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file04
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file05
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file06
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file07
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file08
-rw-r----- 1 bandit5 bandit4   33 Oct 16 14:00 -file09

bandit4@bandit:~$ strings inhere/-file*
w$N?c
ZP*E
koReBOKuIDDepwhWk7jZC0RTdopnAYKh

gif

Bandit Level 5 → Level 6: Find the One

Context

The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:

  • human-readable
  • 1033 bytes in size
  • not executable

Solution

find . -type f -size 1033c ! -executable -exec file {} + | grep ASCII
cat inhere/maybehere07/.file2
DXjZPULLxYr17uwoI01bNLQbtFemEgo7

gif

Bandit Level 6 → Level 7: Find the One Again...

Context

The password for the next level is stored somewhere on the server and has all of the following properties:

  • owned by user bandit7
  • owned by group bandit6
  • 33 bytes in size

Solution

NzklM486T9FUKB811soho09
bandit6@bandit:~$ find / -type f -user bandit7 -group bandit6 -size 33c ! -executable -exec file {} + | grep ASCII

bandit6@bandit:~$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

gif

Bandit Level 7 → Level 8: One line, one word

Context

The password for the next level is stored in the file data.txt next to the word millionth

Solution

grep -Rni "millionth"
data.txt:96950:millionth        cvX2JJa4CFALtqS87jk27qwqGhBM9plV

gif

Bandit Level 8 → Level 9: Find the uniq

Context

The password for the next level is stored in the file data.txt and is the only line of text that occurs only once

Solution

sort data.txt | uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

gif

Bandit Level 9 → Level 10:

Context

The password for the next level is stored in the file data.txt in one of the few human-readable strings, beginning with several ‘=’ characters

Solution

The easiest way to solve this challenge is to use regexp.
To test and improve your understanding of regexp you can use this tool: https://regex101.com

strings data.txt |grep "==.*"
2========== the
========== password
========== isa
========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

gif

Bandit Level 10 → Level 11:

Context

The password for the next level is stored in the file data.txt, which contains base64 encoded data

Solution

base64 -d data.txt
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR

gif

Bandit Level 11 → Level 12:

Context

The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions

Solution

For this challenge you can use this online tool.
http://rumkin.com/tools/cipher/caesar.php

Or with CLI

tr '[A-Za-z]' '[N-ZA-Mn-za-m]' < data.txt
5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

gif

Bandit Level 12 → Level 13:

Context

The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)

Solution

mkdir /tmp/AGS_11_12
cp data.txt /tmp/AGS_11_12/data.txt
cd /tmp/AGS_11_12

xxd -r data.txt data.out
file data.out
mv data.out data.gz
gzip -d data.gz

file data
bzip2 -d data

file data.out
mv data.out data.gz
gzip -d data.gz

file data
tar -xf data

file data5.bin
tar -xf data5.bin

file data6.bin
bzip2 -d data6.bin

file data6.bin.out
tar -xf data6.bin.out

file data8.bin
mv data8.bin data8.gz
gzip -d data8.gz
cat data8

8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL

gif

Bandit Level 13 → Level 14:

Context

The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on

Solution

ssh bandit14@localhost -i sshkey.private
cat  /etc/bandit_pass/bandit14
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e

gif

Bandit Level 14 → Level 15:

Context

The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

Solution

echo "4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e" |nc 127.0.0.1 30000
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

gif

Bandit Level 15 → Level 16

Context

The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.

Solution

openssl s_client -connect 127.0.0.1:30001

[Input the password of the current lvl]
cluFn7wTiGryunymYOu4RcffSxQluehd

gif

Bandit Level 16 → Level 17

Context

The credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it.

Solution

NB the password of the current lvl is stored here

cat /etc/bandit_pass/bandit16

Scan ports with netcat

nc -z -v localhost 31000-32000

localhost [127.0.0.1] 31790 (?) open
localhost [127.0.0.1] 31518 (?) open
openssl s_client -connect localhost:31790

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6Lzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1O4f7HVm6EpTscdDxU+bCXWkfjuRb7Dy9GOtt9JPsX8MBTakzh3
vBgsyi/sN3RqRBcGU40fOoZyfAMT8s1m/uYv52O6IgeuZ/ujbjY=
-----END RSA PRIVATE KEY-----

# Save it
chmod 600 /tmp/mykey/sshkey.pem

# Connect on bandit17 account
ssh -i /tmp/mykey/sshkey.pem bandit17@localhost

# Get the flag
cat /etc/bandit_pass/bandit17
xLYVMN9WE5zQ5vHacb0sZEVqbrp7nBTn

gif

Bandit Level 17 → Level 18:

Context

There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new

Solution

diff passwords.old passwords.new
42c42
< hlbSBPAWJmL6WFDb06gpTx1pPButblOA
---
> kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd

Pass: kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd

gif

Bandit Level 18 → Level 19

Context

The password for the next level is stored in a file readme in the homedirectory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.

Solution

To solve this one you need to execute a command on login.

ssh -t bandit18@bandit.labs.overthewire.org /bin/sh
cat readme
IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x

gif

Bandit Level 19 → Level 20: SUID bit

Context

To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.

Solution

./bandit20-do cat /etc/bandit_pass/bandit20
GbKksEFF4yrVs6il55v6gwY5aVje5f0j

gif

Bandit Level 20 → Level 21: Suid connect

Context

There is a setuid binary in the homedirectory that does the following: it makes a connection to localhost on the port you specify as a commandline argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).

Solution

# Start server on port 31555
echo "GbKksEFF4yrVs6il55v6gwY5aVje5f0j" |nc -lvp 31555&

# Run the SU program
./suconnect 31555
connect to [127.0.0.1] from localhost [127.0.0.1] 51966
Read: GbKksEFF4yrVs6il55v6gwY5aVje5f0j
Password matches, sending next password
gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

gif

Bandit Level 21 → Level 22: cron jobs

Context

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

Solution

1- List all cron script running

bandit21@bandit:~$ cat /etc/cron.d/*
@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
* * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null

2- Modify cronjob_bandit22.sh to retrieve the password

nano /usr/bin/cronjob_bandit22.sh

#!/bin/bash
chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv

3- Get the password

cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI

The hacker ferret
gif

Bandit Level 22 → Level 23: bash cron jobs

Context

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

Solution

From the script re-create the filename.

export myname=bandit23
echo I am user $myname | md5sum | cut -d ' ' -f 1
8ca319486bfbbc3663ea0fbe81326349
cat /tmp/8ca319486bfbbc3663ea0fbe81326349
jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n

gif

Bandit Level 23 → Level 24: FirstOwnScript

Context

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

Solution

My script (yes, KISS)

#!/bin/bash

cat /etc/bandit_pass/bandit24 > /tmp/unpredictable_name231321

Now add this script on execution queue

cat > /var/spool/bandit24/test.sh
chmod +x /var/spool/bandit24/test.sh
watch cat /tmp/unpredictable_name231321

UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ

gif

Bandit Level 24 → Level 25: Bruteforce

Context

A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.

Solution

My script, because python is efficient way.

#coding: utf-8
import socket

pin=0
passwd='UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ '
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('localhost', 30002))
s.recv(1024)
while True:
  print 'pin: ' + str(pin)
  s.sendall(passwd + str(pin) + '\n')
  data = s.recv(1024)
  if "Correct!" in data:
    print data
  else:
    print "Nop"
  pin += 1

Now, store and execute the script

cat > /tmp/notpossible_named_231414.py
chmod +x /tmp/notpossible_named_231414.py

python /tmp/notpossible_named_231414.py > /tmp/result_3132

pass: uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG

gif

Bandit Level 25 → Level 26: Break the shell

Context

Logging in to bandit26 from bandit25 should be fairly easy… The shell for user bandit26 is not /bin/bash, but something else. Find out what it is, how it works and how to break out of it.

Solution

Very creative challenge...

ssh bandit26@localhost -i bandit26.sshkey
  => Log out immedialtly

Let's check what welcome us

cat /etc/passwd|grep bandit26
bandit26:x:11026:11026:bandit level 26:/home/bandit26:/usr/bin/showtext

Get more details

cat /usr/bin/showtext
#!/bin/sh

export TERM=linux

more ~/text.txt
exit 0

So, you need to resize your terminal size to avoid more existing immediatly.
Once, you're on more interface:

1- run vim (type: v)

2- edit the file that contain the passwd
(type: e /etc/bandit_pass/bandit26)

5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z

gif

Bandit Level 26 → Level 27: Break the shell

Context

Good job getting a shell! Now hurry and grab the password for bandit27!

Solution

1- Reduce terminale size, (again)
2- Create a variable that contains path to bash
3- Execute the shell
4- Get the password

v
:set shell=/bin/bash
:shell

./bandit27-do cat /etc/bandit_pass/bandit27
3ba3118a22e93127a4ed485be72ef5ea

gif

Bandit Level 27 → Level 28: git

Context

There is a git repository at ssh://bandit27-git@localhost/home/bandit27-git/repo. The password for the user bandit27-git is the same as for the user bandit27.

Solution

Basic git stuff

mkdir /tmp/lvl27
cd /tmp/lvl27
git clone ssh://bandit27-git@localhost/home/bandit27-git/repo

cat repo/README
The password to the next level is: 0ef186ac70e04ea33b4c1853d2526fa2

gif

Bandit Level 28 → Level 29:

Context

There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo. The password for the user bandit28-git is the same as for the user bandit28.

Solution

mkdir /tmp/lvl28
git clone ssh://bandit28-git@localhost/home/bandit28-git/repo

cat repo/README.md

# Bandit Notes
Some notes for level29 of bandit.
## credentials

- username: bandit29
- password: xxxxxxxxxx
git log -p README.md
bbc96594b4e001778eee9975372716b2

Lvl28_29

gif

Bandit Level 29 → Level 30:

Context

There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29.

Solution

mkdir -p /tmp/AGS_Solv/lvl29
cd /tmp/AGS_Solv/lvl29
git clone ssh://bandit29-git@localhost/home/bandit29-git/repo

cat repo/README.md
# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: <no passwords in production!>

So let's check others branch of the git repo.

git branch -a
  list
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/dev
  remotes/origin/master
  remotes/origin/sploits-dev


git checkout remotes/origin/dev
git log -p

commit 33ce2e95d9c5d6fb0a40e5ee9a2926903646b4e3
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    add data needed for development

diff --git a/README.md b/README.md
index 1af21d3..39b87a8 100644
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes for bandit30 of bandit.
 ## credentials

 - username: bandit30
-- password: <no passwords in production!>
+- password: 5b90576bedb2cc04c86a9e924ce42faf

gif

Bandit Level 30 → Level 31

Context

There is a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo. The password for the user bandit30-git is the same as for the user bandit30.

Solution

mkdir -p /tmp/AGS_Solv_lvl30
cd /tmp/AGS_Solv_lvl30
git clone ssh://bandit30-git@localhost/home/bandit30-git/repo

cat repo/README.md
    => Nothing


cat packed-refs
# pack-refs with: peeled fully-peeled
3aa4c239f729b07deb99a52f125893e162daac9e refs/remotes/origin/master
f17132340e8ee6c159e0a4a6bc6f80e1da3b1aea refs/tags/secret
  => Means that something isn't tracked anymore

git show f17132340e8ee6c159e0a4a6bc6f80e1da3b1aea
47e603bb428404d265f59c42920d81e5

Booom a password !

gif

Bandit Level 31 → Level 32

Context

There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo. The password for the user bandit31-git is the same as for the user bandit31.

Solution

mkdir -p /tmp/AGS_Solv_lvl31
cd /tmp/AGS_Solv_lvl31
git clone ssh://bandit31-git@localhost/home/bandit31-git/repo

cat README.md
This time your task is to push a file to the remote repository.

Details:
    File name: key.txt
    Content: 'May I come in?'
    Branch: master

git branch
* master

so let’s create our file with the specifications.

echo "May I come in?" > key.txt
git add key.txt
git add -f key.txt
git commit -m "Updated"
git push

And the server tell use the password !

bandit31-git@localhost's password:

Permission denied, please try again.
bandit31-git@localhost's password:
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 320 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: ### Attempting to validate files... ####
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
remote: Well done! Here is the password for the next level:
remote: 56a9bf19c63d650ce78e6ec0354ee45e
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
To ssh://localhost/home/bandit31-git/repo
 ! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'ssh://bandit31-git@localhost/home/bandit31-git/repo'`

YOLO WTC

Bandit Level 32 → Level 33

Context

After all this git stuff its time for another escape. Good luck!

Solution

We can try and invoke a command that doesn’t involve letters. Let’s try and invoke bash by typing in $0

cat /etc/bandit_pass/bandit33
c9c3199ddf4121b10cf581a98d51caee


Conclusion

We have reached the end of this challenge ! (for now)
I've learned so stuff and hope you too.
I encourage you to check others wargame available at http://overthewire.org/wargames

gif


Social stuff / Questions / Comments

Feel free to reach or tips me !

Mail: a_ghost_soul@protonmail.com
Twitter: @GhostAgs

If you appreciate my work please consider make a donation
Tipeee: https://fr.tipeee.com/ags-syndrome