ssh email@example.com -p 2220
Read the password stored in a hidden file located in the inhere directory.
The particularity of a hidden file and complication it can bring is that he may be hidden (no ? really ?). Let’s take a look:
bandit3@bandit:~/inhere$ ls bandit3@bandit:~/inhere$
The directory looks empty. If we look into the man page of ls we see:
LS(1) User Commands NAME ls - list directory contents SYNOPSIS ls [OPTION]... [FILE]... DESCRIPTION List information about the FILEs (the current directory by default). Sort entries alphabetically if none of -cftuvSUX nor --sort is specified. Mandatory arguments to long options are mandatory for short options too. -a, --all do not ignore entries starting with .
Those hidden files are characterized by a dot at the beginning of the filename.
Repeating the previous command with the -a option we got:
bandit3@bandit:~/inhere$ ls -a . .. .hidden
Here is our file, we can now display the password.
Obviously the problem only occur when you try to list files of the directory without the option. The problem is avoided with the bash autocompletion which takes into account hidden files.
Finally we have:
bandit3@bandit:~/inhere$ cat .hidden pIwrPrtPN36QITSp3EQaw936yaFoFgAB