🔤 OverTheWire Bandit Level 2: Handling Files with Special Characters

Level 2 introduces a common gotcha in Linux: files with special characters in their names. Specifically, files that start with a dash (-). This might seem like a small detail, but it's something you'll encounter in real penetration testing—and it can trip you up if you don't know how to handle it.

Level 2 teaches you:

How Linux interprets command-line arguments
Why dashes in filenames cause problems
How to use relative paths to access tricky files
Understanding stdin vs. file arguments

If you've been breezing through so far, Level 2 will make you think. That's the point—it's teaching you to pay attention to details.

🎯 The Objective

After logging into bandit1, your goal is to find the password for Level 2. The password is in a file, just like Level 1, but this file has a special name: it starts with a dash (-).

What Level 2 teaches:

Handling special characters in filenames
Understanding command-line argument parsing
Using relative paths (./)
The difference between stdin and file arguments

The challenge: Read a file named - (just a dash). Sounds simple, but try it the normal way and you'll see why it's tricky.

🔍 Understanding the Problem

Let's start by connecting to Level 1 and seeing what we're dealing with:

sshpass -p `cat bandit1` ssh bandit1@bandit.labs.overthewire.org -p 2220

Once connected, let's see what files are in the directory:

ls -la

You should see a file named - (just a dash character). That's your target.

The problem: If you try to read this file the normal way:

cat -

Something unexpected happens. Your terminal prompt changes, and it seems like it's waiting for input. What's going on?

🧠 Why This Happens: Understanding Command Arguments

Here's what's happening: Linux interprets the dash (-) as a command-line option, not a filename.

How Linux Parses Commands

When you type cat -, Linux breaks it down like this:

cat — the command
- — an argument

For many commands, a single dash (-) means "read from stdin" (standard input—your keyboard). So cat - tells cat to read from your keyboard, not from a file.

This is why your prompt changes — cat is waiting for you to type something, which it will then display back to you.

The Solution: Use a Relative Path

To tell Linux "this is a filename, not an option," you need to use a relative path. Specifically, you need to use ./ before the filename:

cat ./-

What ./ means:

. — Current directory
/ — Path separator
- — The filename

Together, ./- means "the file named - in the current directory."

📋 Step-by-Step Walkthrough

Step 1: Connect to Level 1

sshpass -p `cat bandit1` ssh bandit1@bandit.labs.overthewire.org -p 2220

Step 2: List Files

ls -la

You should see a file named -. It might look confusing in the listing, but it's there.

Step 3: Read the File Using Relative Path

cat ./-

Important: Use ./- not just -. The ./ tells Linux this is a file path, not a command option.

The output will be the password for Level 2.

Step 4: Save the Password

Copy the password and save it:

On Linux/macOS:

echo "PASSWORD_HERE" > bandit2

On Windows (PowerShell):

"PASSWORD_HERE" | Out-File -FilePath bandit2 -NoNewline

Step 5: Connect to Level 2

sshpass -p `cat bandit2` ssh bandit2@bandit.labs.overthewire.org -p 2220

💡 Understanding Relative Paths

Let's dive deeper into paths, because this concept is crucial:

Absolute vs. Relative Paths

Absolute path: Starts from the root directory (/)

Example: /home/bandit1/-
Always works from anywhere
Explicit and clear

Relative path: Starts from your current location

Example: ./-
Depends on where you are
Shorter and more convenient

Common Path Symbols

. — Current directory
.. — Parent directory (one level up)
~ — Home directory
/ — Root directory

Examples

# These all refer to the same file (if you're in /home/bandit1):
cat ./-                    # Relative: current directory
cat /home/bandit1/-       # Absolute: full path
cat ~/-                   # Home directory (if ~ = /home/bandit1)

🚨 What If You Get Stuck?

If you accidentally ran cat - and your terminal is waiting for input:

Option 1: Type the Correct Command

Just type the relative path:

cat ./-

Even though cat is waiting for stdin input, you can still type commands. The cat process will read what you type, but you can break out of it.

Option 2: Break Out and Start Over

Press Ctrl+C to cancel the current command, then run:

cat ./-

What Ctrl+C does:

Sends an interrupt signal
Stops the current process
Returns you to the command prompt

Option 3: Use an Absolute Path

If relative paths confuse you, use the full path:

cat /home/bandit1/-

This works from anywhere and is unambiguous.

🔒 Real-World Context

Why does this matter in penetration testing?

In real security assessments, you'll encounter:

1. Malicious Filenames

Attackers sometimes create files with tricky names to:

Hide files from casual inspection
Confuse automated tools
Exploit parsing vulnerabilities

2. Configuration Files

System files often have unusual names:

.bashrc (starts with a dot—hidden)
- (starts with a dash—looks like an option)
Files with spaces: my file.txt
Files with special characters: file@name#.txt

3. Log Files

Log files might have:

Timestamps in names: log-2024-01-16.txt
Special formatting: --debug.log
Encoded characters: file%20name.txt

The skill you're learning: How to access files regardless of their names. This is essential when:

Analyzing compromised systems
Reading configuration files
Extracting data from logs
Working with files created by attackers

🛠️ Alternative Methods

There are other ways to read files with dashes:

Method 1: Relative Path (Recommended)

cat ./-

Pros: Simple, clear, works everywhere Cons: None really

Method 2: Absolute Path

cat /home/bandit1/-

Pros: Unambiguous, works from anywhere Cons: Longer to type

Method 3: Using `--` Separator

Some commands support -- to indicate "end of options":

cat -- -

Pros: Explicitly separates options from arguments Cons: Not all commands support this

Method 4: Redirect from File

cat < ./-

Pros: Uses input redirection, bypasses argument parsing Cons: More complex syntax

For Level 2, use Method 1 (./-) — it's the simplest and most reliable.

🎓 Understanding stdin, stdout, and stderr

This is a good time to understand Linux's standard streams:

stdin (Standard Input)

Where commands read input from
Usually your keyboard
Can be redirected from files: cat < file.txt
Represented by - in many commands

stdout (Standard Output)

Where commands write normal output
Usually your terminal
Can be redirected to files: cat file.txt > output.txt

stderr (Standard Error)

Where commands write error messages
Usually your terminal
Separate from stdout

Why this matters: When you type cat -, the - tells cat to read from stdin (your keyboard), not from a file. That's why your prompt changes—it's waiting for you to type something.

🚨 Common Mistakes

Mistake 1: Forgetting the `./`

Wrong:

cat -

Right:

cat ./-

Why: Without ./, Linux thinks - is a command option, not a filename.

Mistake 2: Using `cat -` and Getting Confused

If you run cat - and your terminal seems stuck:

Don't panic
Press Ctrl+C to cancel
Use cat ./- instead

Mistake 3: Not Seeing the File in `ls`

The file - might be hard to spot in ls output. Use:

ls -la | grep "^-"

This shows only files (not directories) and makes - easier to see.

Mistake 4: Assuming All Commands Work the Same

Different commands handle dashes differently:

cat - reads from stdin
rm - might try to remove stdin (don't do this!)
ls - lists the current directory (.)

Always check how each command interprets -.

💻 Practice Exercise

Try these to reinforce what you learned:

Create a test file with a dash name:
```
echo "test" > ./-
```
Read it using different methods:
```
cat ./-
cat /full/path/to/-
cat < ./
```
List files and identify the dash file:
```
ls -la | grep "^-"
```
Clean up:
```
rm ./-
```

🔗 What's Next?

Level 3 introduces another file-naming challenge—files with spaces in their names. The solution is similar (use quotes or escape characters), but it's another common gotcha you'll encounter.

Before moving on, make sure you:

✅ Successfully read the file named -
✅ Understand why cat - doesn't work
✅ Know how to use relative paths (./)
✅ Can break out of stuck commands with Ctrl+C

📚 Key Takeaways

After completing Level 2, you should understand:

Special characters matter — Filenames with dashes, spaces, or other special characters need special handling
Relative paths — Using ./ tells Linux "this is a file path, not an option"
Command parsing — Linux interprets arguments before checking for files
stdin vs. files — - often means stdin, not a filename
Troubleshooting — How to recover when commands don't work as expected

🎯 Quick Reference

Problem	Solution	Example
File starts with `-`	Use relative path	`cat ./-`
File has spaces	Use quotes	`cat "my file.txt"`
File is hidden	Use `ls -a`	`ls -a`
Command seems stuck	Press `Ctrl+C`	Break out and retry

Questions about Level 2 or handling special characters in filenames? Reach out directly:

Email: m1k3@msquarellc.net
Phone: (559) 670-3159
Schedule: Book a free consultation

M Square LLC
Cybersecurity | Penetration Testing | No-Nonsense Advice