OverTheWire: Bandit Level 8 to Level 9

Level goal: The password for the next level is stored in the file data.txt and is the only line of text that occurs only once

This level can be quite tricky if you don’t know about commands like sort and uniq and how it really works.

There are several commands which seems to be able to produce the output, but failed to do so. Personally, I learnt from these trial and error.

First, let us look at the sort -u command and how it works.

bandit8@melinda:~$ sort -u data.txt 0dJUVh7xSLq6OkSLaxUydzRBVVJlc78x 1JF4GVFmFLq7XT2mYPpCzEl2aT33zxfh { … removed …} yqtqjt2cJPMU6AEataMQSNmPtZuV7nX9 yuFfSTNzXeACMYRXVcxIbXVUvMk1cMKl

As you can see above, the sort -u commands has removed all the duplicated copies of strings when it is displaying the output, the records are indeed unique (you can verify it), however, it does not show me which record is only output only once.

Next, we will look at the uniq -c command. What uniq does is basically performing a comparison between each line of text with its previous line to check if they are unique, thus it is recommended that we combine it with a simple sort command to group up the strings which are duplicated.

bandit8@melinda:~$ sort data.txt | uniq -c
10 0dJUVh7xSLq6OkSLaxUydzRBVVJlc78x
10 1JF4GVFmFLq7XT2mYPpCzEl2aT33zxfh
{ ... removed ... }
10 Thw7rjDiq6JPBdYSP5PdpvebvYa4Woio
1 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
10 VM88tiT9pkZtuPDK2GGC7IhnqfzHQwkK
{ ... removed ... }

The -c parameter will count the number of occurrences of that particular string and append a prefix of its count. As you can see from the above output, there is only 1 record of UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR whereas all other strings were repeated for 10 counts within data.txt file.

There is an even faster way to get the password, by using the –u parameter. It works similarly to -c, but instead of counting the number of occurrences and appending it as a prefix before each string, it actually discount away all those records which have more than 1 count and only display the records which are totally unique (only 1 count).

bandit8@melinda:~$ cat data.txt | sort | uniq -u

The password to gain access to the next level is UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR.

kongwenbin: I am a security enthusiast, penetration tester and bug hunter who has a great passion in the area of information security. I love to share. Please feel free to leave a comment on my posts. Learning never stops!
Related Post