We’re told that there’s a program listening on port 30002 that wants us to feed it the current level 24 password appended with a secret four digit pin. There’s a number of ways we could accomplish this (the box appears to have perl, ruby and python installed), but I went with a shell script. Bash is not a strong suite for me, so I hoped to maybe benefit a little from solving this exercise with a shell script.

The main problems are being able to format the pin correctly (we could need leading zeros), and to be able to pipe the results to the listening program. After some googling and man page reading, bash supports printf, so the formatting is easy enough. We can also use netcat to handle the network connections. Below is my solution:

#!/bin/bash

n="0"
bandit24="XXXXXXXXXXXXXXXXXXXXX"

while [ $n -lt 10000 ]
do
        counter=$(printf "%04d" "$n")
        ((n=n+1))
        echo "$bandit24 $counter"
        echo "$bandit24 $counter" | nc 127.0.0.1 30002
done