Bandit
Level 16
The credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it.
Solution
Ran nmap on localhost and found two ports using SSL as shown below:
No luck on port 31518. Port 31790 gives us a private SSH key (hopefully for bandit17).
Copied the key to a file named bandit17, set appropriate permissions and try to login as bandit17.
This works!