The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 > whatis grep grep (1) - print lines that match patterns > whatis sort sort (1) - sort lines of text files > whatis uniq uniq (1) - report or omit repeated lines > whatis strings strings (1) - print the sequences of printable characters in files > whatis base64 base64 (1) - base64 encode/decode data and print to standard output > whatis tr tr (1) - translate or delete characters > whatis tar tar (1) - an archiving utility > whatis gzip gzip (1) - compress or expand files > whatis bzip2 bzip2 (1) - a block-sorting file compressor, v1.0.8 > whatis xxd xxd (1) - make a hexdump or do the reverse.
Note: All commands don’t have to be used to complete level
View the contents of the current working directory
1 2 bandit9@bandit:~$ ls data.txt
Peek at the data that is present in the file. This can be achieved using the
1 2 3 4 5 6 7 bandit9@bandit:~$ head -n 4 data.txt�L�lω;��ßOܛ��ǤX��NdT$��x7��@D@�o��+D��B��M֢�Z/,_��w��#�5��� Ў�e�&�-��Ϣ�6Q8��J�%fa� �np�6l |c���WW"&8��f�� ��VJ�$�S~����d� �p�k�U�;ֿ�v�Am��H��tɘ�3�ߘ�(ǟ�E' ���'��:��uP�ע���������g�
(The -n flag allows us to specify how many lines to print from the start of the file. We can use the
tail command to look at the last n lines of a file)
Human-readable strings in a file can be found using the
strings command. The
-e flag is used to specify the character encoding. We are assuming the human-readable line is ASCII text so we use “s” for the encoding type
(Refer to attached resources for more information)
We also know that the line with the password starts with a few “=” characters. We can look for this pattern in the file using the
grep command. We can combine all these commands into a single line using the
| (pipe) operator
1 2 3 4 5 bandit9@bandit:~$ cat data.txt | strings -e s | grep == ========== the*2i"4 ========== password Z)========== is &========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
cat command is used to read the data from the file which is then passed as input to the next command in the line using pipes
We have found the password for the next level !!
Logout of the current session and use the password of user bandit10 to access the next level
1 2 3 4 > ssh email@example.com -p 2220 This is a OverTheWire game server. More information on http://www.overthewire.org/wargames firstname.lastname@example.org's password: truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk