Slavetomints
diff --git a/‎_config.yml‎
Lines changed: 3 additions & 3 deletions b/‎_config.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎_includes/analytics/goatcounter.html‎
Lines changed: 6 additions & 0 deletions b/‎_includes/analytics/goatcounter.html‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎_includes/pageviews/goatcounter.html‎
Lines changed: 21 additions & 0 deletions b/‎_includes/pageviews/goatcounter.html‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎_posts/2025-01-16-overthewire-bandit0.md‎
Lines changed: 89 additions & 0 deletions b/‎_posts/2025-01-16-overthewire-bandit0.md‎
Lines changed: 89 additions & 0 deletions
diff --git a/‎_posts/2025-01-16-overthewire-bandit1.md‎
Lines changed: 52 additions & 0 deletions b/‎_posts/2025-01-16-overthewire-bandit1.md‎
Lines changed: 52 additions & 0 deletions
diff --git a/‎_posts/2025-01-16-overthewire-bandit2.md‎
Lines changed: 35 additions & 0 deletions b/‎_posts/2025-01-16-overthewire-bandit2.md‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎_posts/2025-01-16-overthewire-bandit3.md‎
Lines changed: 85 additions & 0 deletions b/‎_posts/2025-01-16-overthewire-bandit3.md‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎_posts/2025-01-16-overthewire-bandit4.md‎
Lines changed: 54 additions & 0 deletions b/‎_posts/2025-01-16-overthewire-bandit4.md‎
Lines changed: 54 additions & 0 deletions
@@ -61,7 +61,7 @@ analytics:
   google:
     id: # fill in your Google Analytics ID
   goatcounter:
-    id: # fill in your GoatCounter ID
+    id: slavetomints
   umami:
     id: # fill in your Umami ID
     domain: # fill in your Umami domain
@@ -75,7 +75,7 @@ analytics:
 
 # Page views settings
 pageviews:
-  provider: # now only supports 'goatcounter'
+  provider: goatcounter # now only supports 'goatcounter'
 
 # Prefer color scheme setting.
 #
@@ -88,7 +88,7 @@ pageviews:
 #     light — Use the light color scheme
 #     dark — Use the dark color scheme
 #
-theme_mode: dark # [light | dark]
+theme_mode: # [light | dark]
 
 # The CDN endpoint for media resources.
 # Notice that once it is assigned, the CDN url
 
@@ -0,0 +1,6 @@
+<!-- GoatCounter -->
+<script
+  async
+  src="https://gc.zgo.at/count.js"
+  data-goatcounter="https://{{ site.analytics.goatcounter.id }}.goatcounter.com/count"
+></script>
@@ -0,0 +1,21 @@
+<!-- Display GoatCounter pageviews -->
+<script>
+  document.addEventListener('DOMContentLoaded', () => {
+    const pv = document.getElementById('pageviews');
+
+    if (pv !== null) {
+      const uri = location.pathname.replace(/\/$/, '');
+      const url = `https://{{ site.analytics.goatcounter.id }}.goatcounter.com/counter/${encodeURIComponent(uri)}.json`;
+
+      fetch(url)
+        .then((response) => response.json())
+        .then((data) => {
+          const count = data.count.replace(/\s/g, '');
+          pv.innerText = new Intl.NumberFormat().format(count);
+        })
+        .catch((error) => {
+          pv.innerText = '1';
+        });
+    }
+  });
+</script>
@@ -0,0 +1,89 @@
+---
+title: Bandit Level 0 → Level 1
+date: 2025-01-16 14:00:00 +/-0600 
+category: [OverTheWire, Bandit]
+tags: [overthewire, bandit, writeups, training]
+description: OverTheWire Bandit Level 0 → Level 1
+---
+> ssh bandit0@bandit.labs.overthewire.org -p 2220
+>
+> password: bandit0
+{: prompt-info }
+
+## Intro to Bandit
+
+Welcome to Bandit! This is OverTheWire's beginner wargame and is meant to be an introduction to how the other wargames work. This makes it a wonderful place to get acquainted with UNIX systems.
+
+bandit0 is extremely easy by design, its whole purpose is to get you familiar with the syntax for `ssh` since it is what you will be using to connect to the challenge server for each level.
+
+### SSH basics
+
+The syntax for `ssh` is `ssh user@host -p port`. When it asks to continue connecting because it doesn't know the fingerprint, it means that it's never connected to this host before, and want you to confirm that this is the right host. It then asks us for the password, which we are provided in the challenge description.
+
+```terminal
+
+┌─[slavetomints@parrot]─[~]
+└──╼ $ssh bandit0@bandit.labs.overthewire.org -p 2220
+                         _                     _ _ _   
+                        | |__   __ _ _ __   __| (_) |_ 
+                        | '_ \ / _` | '_ \ / _` | | __|
+                        | |_) | (_| | | | | (_| | | |_ 
+                        |_.__/ \__,_|_| |_|\__,_|_|\__|
+                                                       
+
+                      This is an OverTheWire game server. 
+            More information on http://www.overthewire.org/wargames
+
+bandit0@bandit.labs.overthewire.org's password: 
+```
+
+Great! Welcome to the server! Let's take a look around and see what we can find here.
+
+```terminal
+
+bandit0@bandit:~$ ls
+readme
+```
+
+### The Command Prompt
+Now before we check out that file, if you've never wondered what the `bandit0@bandit:~$` means on the command line, let's quickly look at that.
+
+The first part is the username for the active user, who in this case is `bandit0`. If you want to find out for yourself who the active user is, run the command `whoami` in the command line.
+
+The next part, the `bandit` is the hostname of the machine. You can also find this out by running the aptly named command `hostname`.
+
+```terminal
+
+bandit0@bandit:~$ whoami
+bandit0
+bandit0@bandit:~$ hostname
+bandit
+```
+
+The "~", called a tilde, is your current location on the file system. The tilde means the user's home directory. If you go to another user's home directory, you'll see the full path to it, but you only see the tilde if it is your own home directory.
+
+```terminal
+
+bandit0@bandit:~$ cd /home/bandit1
+bandit0@bandit:/home/bandit1$ cd /home/bandit0
+bandit0@bandit:~$ 
+```
+
+Now, what does the `$` mean? It means that you are a user with normal user privileges. if you were the root user, you'd likely see a `#` instead, indicating that you have elevated admin privileges.
+
+Okay! So now let's look at the file we found earlier!
+
+### bandit0
+```terminal
+
+bandit0@bandit:~$ cat readme 
+Congratulations on your first steps into the bandit game!!
+Please make sure you have read the rules at https://overthewire.org/rules/
+If you are following a course, workshop, walkthrough or other educational activity,
+please inform the instructor about the rules as well and encourage them to
+contribute to the OverTheWire community so we can keep these games free!
+
+The password you are looking for is: {hidden in accordance with game rules}
+```
+
+Remember to save that password, as we'll use it to log into the next level.
@@ -0,0 +1,52 @@
+---
+title: Bandit Level 1 → Level 2
+date: 2025-01-16 14:00:00 +/-0600 
+category: [OverTheWire, Bandit]
+tags: [overthewire, bandit, writeups, training]
+description: OverTheWire Bandit Level 1 → Level 2
+--- 
+
+> ssh bandit1@bandit.labs.overthewire.org -p 2220
+> 
+> The password for the next level is stored in a file called **-** located in the home directory
+{: .prompt-info }
+
+## The Solution
+
+Using the password we got from the last challenge, lets ssh into the game server as `bandit1`
+
+```terminal
+
+┌─[slavetomints@parrot]─[~]
+└──╼ $ssh bandit1@bandit.labs.overthewire.org -p 2220
+                         _                     _ _ _   
+                        | |__   __ _ _ __   __| (_) |_ 
+                        | '_ \ / _` | '_ \ / _` | | __|
+                        | |_) | (_| | | | | (_| | | |_ 
+                        |_.__/ \__,_|_| |_|\__,_|_|\__|
+                                                       
+
+                      This is an OverTheWire game server. 
+            More information on http://www.overthewire.org/wargames
+
+bandit1@bandit.labs.overthewire.org's password: 
+```
+
+Now, this one seems simple enough, actually it should be just as easy as the last challenge, just `cat` the file and get a move on. So let's try that.
+
+```terminal
+
+bandit1@bandit:~$ cat -
+      
+```
+Huh, that's odd. What happened is that `-` is used for a few different things in UNIX/UNIX-like systems, most commonly to specify flags for a command such as `ls -sa`. Now what's happening is the terminal is waiting for the "rest" of the command, as it doesn't think that we are quite done yet.
+
+The way around it is to specify exactly what we want to `cat`. See the following
+
+```terminal
+
+bandit1@bandit:~$ cat ./-
+{hidden in accordance with game rules}
+```
+
+What this does is it uses `.` to specify the current directory, and then the file named `-` in it. And that how we can get the password for the next level.
@@ -0,0 +1,35 @@
+---
+title: Bandit Level 2 → Level 3
+date: 2025-01-16 14:00:00 +/-0600
+category: [OverTheWire, Bandit]
+tags: [overthewire, bandit, writeups, training]
+description: OverTheWire Bandit Level 2 → Level 3
+---
+
+> ssh bandit2@bandit.labs.overthewire.org -p 2220
+> 
+> The password for the next level is stored in a file called **spaces in this filename** located in the home directory
+{: .prompt-info }
+
+Alrighty, the challenge this time is to `cat` the contents of a file whose name has spaces in it. What happens if we just try to use the file as it?
+
+```terminal
+bandit2@bandit:~$ ls
+spaces in this filename
+bandit2@bandit:~$ cat spaces in this filename
+cat: spaces: No such file or directory
+cat: in: No such file or directory
+cat: this: No such file or directory
+cat: filename: No such file or directory
+```
+
+Why does this happen? It's because with the spaces they're interpreted as sperate files/directories, and since they dont exist, it cant output their content.
+
+So there are two ways we can do this, the first way is arguably easier and it's through simply putting the filename in quotes. The other way involves using the escape character `\` in front of each space to signal that it is part of the string and not part of the command `.\`
+
+```terminal
+bandit2@bandit:~$ cat 'spaces in this filename' 
+{hidden in accordance with game rules}
+bandit2@bandit:~$ cat spaces\ in\ this\ filename 
+{hidden in accordance with game rules}
+```
@@ -0,0 +1,85 @@
+---
+title: Bandit Level 3 → Level 4
+date: 2025-01-16 14:00:00 +/-0600
+category: [OverTheWire, Bandit]
+tags: [overthewire, bandit, writeups, training]
+description: OverTheWire Bandit Level 3 → Level 4
+---
+
+> ssh bandit3@bandit.labs.overthewire.org -p 2220
+> 
+> The password for the next level is stored in a hidden file in the **inhere** directory.
+{: .prompt-info }
+
+After `ssh`ing into the server, let's check out that directory.
+
+```terminal
+
+bandit3@bandit:~$ ls
+inhere
+bandit3@bandit:~$ cd inhere
+bandit3@bandit:~/inhere$ ls
+bandit3@bandit:~/inhere$ 
+```
+
+Hm, nothing, let's talk a little bit about `ls`. 
+
+## ls
+`ls` is short for the word `list`, and it does just that. it lists all the files and directories in the specified directory. If no directory is given, then it uses the current one. By default, hidden files and directories (those with a period in front of them), do not show up as they are considered "hidden". The man page shows this for the `-a` flag
+
+```
+  -a, --all                  do not ignore entries starting with .
+```
+
+## The Solution
+So, rerunning the earlier command with that flag we get.
+
+```terminal
+
+bandit3@bandit:~/inhere$ ls -a
+.  ..  ...Hiding-From-You
+```
+
+The `.` and `..` are the current directory and the directory one level higher up respectively, like how they would be used with `cd`. Wwhy is `.` the current directory, and why is `..` the directory one level up? It's from very early Unix, and exemplified in [this 1974 paper by Dennis Ritchie and Ken Thompson](https://people.eecs.berkeley.edu/~brewer/cs262/unix.pdf).
+
+Now that we know what the name of the file is, lets use cat to figure it out.
+
+```terminal
+
+bandit3@bandit:~/inhere$ cat ...Hiding-From-You 
+{hidden in accordance with game rules}
+```
+
+## Behind The Scenes
+### Why `.` and `..` Are Hidden Using `ls` By Deafult
+
+Rob Pike, a Canadian programmer that worked on Unix in the early years, had [this to say on the topic on his blog](https://web.archive.org/web/20141205101508/https://plus.google.com/+RobPikeTheHuman/posts/R58WgWwN9jp):
+> A lesson in shortcuts.  
+ >
+> Long ago, as the design of the Unix file system was being worked out, the entries . and .. appeared, to make navigation easier. I'm not sure but I believe .. went in during the Version 2 rewrite, when the file system became hierarchical (it had a very different structure early on). When one typed ls, however, these files appeared, so either Ken or Dennis added a simple test to the program. It was in assembler then, but the code in question was equivalent to something like this:  
+> 
+> `if (name[0] == '.') continue;`
+> 
+> This statement was a little shorter than what it should have been, which is  
+> 
+> `if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) continue; 
+>  
+>  but hey, it was easy.  
+>
+> Two things resulted.  
+> 
+> First, a bad precedent was set. A lot of other lazy programmers introduced bugs by making the same simplification. Actual files beginning with periods are often skipped when they should be counted.  
+>
+> Second, and much worse, the idea of a "hidden" or "dot" file was created. As a consequence, more lazy programmers started dropping files into everyone's home directory. I don't have all that much stuff installed on the machine I'm using to type this, but my home directory has about a hundred dot files and I don't even know what most of them are or whether they're still needed. Every file name evaluation that goes through my home directory is slowed down by this accumulated sludge.  
+>  
+> I'm pretty sure the concept of a hidden file was an unintended consequence. It was certainly a mistake.  
+> 
+> How many bugs and wasted CPU cycles and instances of human frustration (not to mention bad design) have resulted from that one small shortcut about 40 years ago?  
+> 
+> Keep that in mind next time you want to cut a corner in your code.  
+> 
+> (For those who object that dot files serve a purpose, I don't dispute that but counter that it's the files that serve the purpose, not the convention for their names. They could just as easily be in $HOME/cfg or $HOME/lib, which is what we did in Plan 9, which had no dot files. Lessons can be learned.)
+>
+> Aug 2, 2012
+
+The more you know!
@@ -0,0 +1,54 @@
+---
+title: Bandit Level 4 → Level 5
+date: 2025-01-16 14:00:00 +/-0600
+category: [OverTheWire, Bandit]
+tags: [overthewire, bandit, writeups, training]
+description: OverTheWire Bandit Level 4 → Level 5
+---
+
+> ssh bandit4@bandit.labs.overthewire.org -p 2220
+>
+> The password for the next level is stored in the only human-readable file in the **inhere** directory. Tip: if your terminal is messed up, try the “reset” command.
+{: .prompt-info }
+
+## Poking Around
+Let's take a look at the server now.
+
+```terminal
+
+bandit4@bandit:~$ ls
+inhere
+bandit4@bandit:~$ cd inhere
+bandit4@bandit:~/inhere$ ls
+-file00  -file01  -file02  -file03  -file04  -file05  -file06  -file07  -file08  -file09
+```
+
+Now, we're looking for the only human-readable file. While we could `cat` every single file, we run the risk of breaking our terminal if we output binary data. So, let's use the `file` command to figure out the file type!
+
+Now, remembering the lessons we learned earlier, if the file starts with '-' it is going to be interpreted as a flag, so instead lets prepend `./` to the file names. 
+
+Also, instead of just looking at each file one after another, let's use the wildcard `*` to designate that I want to use every single file in the directory.
+
+```terminal
+
+bandit4@bandit:~/inhere$ file ./*
+./-file00: data
+./-file01: data
+./-file02: data
+./-file03: data
+./-file04: data
+./-file05: data
+./-file06: data
+./-file07: ASCII text
+./-file08: data
+./-file09: data
+```
+
+Looks like `-file07` is the one we want.
+
+### The Solution
+```terminal
+
+bandit4@bandit:~/inhere$ cat ./-file07 
+{hidden in accordance with game rules}
+```