OverTheWire Bandit: Level 14 to Level 15
The Goal
Submit the current level’s password to a service running on port 30000 on localhost. It will return the next password.
What I Did
Logged in as bandit14 and tried nc --help to understand the command. Then made a wrong attempt:
1
bandit14@bandit:~$ nc -p 30000 aaWecNkG4FhxJQxz07uiwzVP6bJiYS65
That failed. I misread -p as the destination port flag. The usage message showed the correct syntax — destination and port go at the end as plain arguments, no flag needed.
Correct command:
1
2
3
4
bandit14@bandit:~$ nc localhost 30000
aaWecNkG4FhxJQxz07uiwzVP6bJiYS65
Correct!
pbLYuZtTg4MgaqfJx8jbA9gKKGqM68A7
Typed the bandit14 password, the service confirmed it was correct and returned the bandit15 password.
What localhost Means
localhost is a special hostname that always refers to the machine you’re currently on. It resolves to the IP address 127.0.0.1 — a reserved address that loops back internally and never touches the network.
When you’re logged into the bandit server and type localhost, you’re connecting to a service running on that same server — not your home machine, not the internet.
This is a common pattern in real systems. Internal services are often only accessible from within the server itself, blocked from the outside by a firewall. You couldn’t connect to port 30000 from your local machine even if you tried.
Source Port vs Destination Port
This level taught me an important distinction I initially got wrong.
Every network connection has two ports:
- Source port — the port your connection originates from on your machine. Chosen automatically by the OS unless you specify one.
- Destination port — the port you’re connecting to on the remote machine. This is the one that matters for reaching a specific service.
In nc, the -p flag sets the source port — rarely something you need to specify. The destination port is just a plain argument at the end:
1
nc [destination] [port]
So nc -p 30000 tells nc to send traffic from port 30000, which is not what I wanted. nc localhost 30000 connects to port 30000 on localhost — correct.
What netcat Is
nc (netcat) opens a raw TCP connection to any host and port. Whatever you type gets sent over the connection. Whatever the server sends back gets printed to your terminal. It’s one of the most useful tools in networking and security work — often called the “Swiss army knife of networking.”
Common uses:
- Testing if a port is open on a server
- Sending data to a service manually
- Setting up simple listeners to receive connections
- Banner grabbing — connecting to a service to see what it announces about itself
Other Commands in This Level
telnet — older tool that opens plain TCP connections, similar to netcat. Largely replaced by nc but still available on most systems.
openssl s_client — connects to a server using SSL/TLS encryption. Used when the connection needs to be encrypted rather than plain text.
nmap — network scanner. Discovers which ports are open on a host and what services are running. Standard tool in penetration testing for reconnaissance.
ssh — already covered. Encrypted remote shell access.
Commands Used
| Command | What it did |
|---|---|
nc --help | Checked the usage syntax |
nc -p 30000 ... | Failed — -p sets source port, not destination |
nc localhost 30000 | Connected to the service on port 30000 |
| Typed the password | Sent it to the service over the connection |