OverTheWire: Bandit Level 9 to Level 10

Level goal: The password for the next level is stored in the file data.txt in one of the few human-readable strings, beginning with several ‘=’ characters.

This level is similar to previous levels, which basically require us to search for the password in a text file. However, the difficulty is that you cannot perform the cat+grep command on it because it is a “binary” file instead of a text file.

This is when you can try out the strings command. Let’s look at the description of the strings command:

The string functions perform string operations on null-terminated strings. See the individual man pages for descriptions of each function.

In short, it goes through the entire file and any string values that it is able to find, it will display it to the output. As per the clue given to us to clear this level, let’s run a strings command on the data.txt file and grep only records with the “=” characters.

bandit9@melinda:~$ strings data.txt | grep "="
I========== the6
========== password
========== ism
========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

The password to gain access to the next level is truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk.

kongwenbin: I am a security enthusiast, penetration tester and bug hunter who has a great passion in the area of information security. I love to share. Please feel free to leave a comment on my posts. Learning never stops!
Related Post