Level goal: The password for the next level is stored in the file data.txt and is the only line of text that occurs only once

This level can be quite tricky if you don’t know about commands like sort and uniq and how it really works.

There are several commands which seems to be able to produce the output, but failed to do so. Personally, I learnt from these trial and error.

First, let us look at the sort -u command and how it works.

bandit8@melinda:~$ sort -u data.txt 0dJUVh7xSLq6OkSLaxUydzRBVVJlc78x 1JF4GVFmFLq7XT2mYPpCzEl2aT33zxfh { … removed …} yqtqjt2cJPMU6AEataMQSNmPtZuV7nX9 yuFfSTNzXeACMYRXVcxIbXVUvMk1cMKl

As you can see above, the sort -u commands has removed all the duplicated copies of strings when it is displaying the output, the records are indeed unique (you can verify it), however, it does not show me which record is only output only once.

Next, we will look at the uniq -c command. What uniq does is basically performing a comparison between each line of text with its previous line to check if they are unique, thus it is recommended that we combine it with a simple sort command to group up the strings which are duplicated.

bandit8@melinda:~$ sort data.txt | uniq -c
10 0dJUVh7xSLq6OkSLaxUydzRBVVJlc78x
10 1JF4GVFmFLq7XT2mYPpCzEl2aT33zxfh
{ ... removed ... }
10 Thw7rjDiq6JPBdYSP5PdpvebvYa4Woio
1 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
10 VM88tiT9pkZtuPDK2GGC7IhnqfzHQwkK
{ ... removed ... }
10 yuFfSTNzXeACMYRXVcxIbXVUvMk1cMKl

The -c parameter will count the number of occurrences of that particular string and append a prefix of its count. As you can see from the above output, there is only 1 record of UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR whereas all other strings were repeated for 10 counts within data.txt file.

There is an even faster way to get the password, by using the –u parameter. It works similarly to -c, but instead of counting the number of occurrences and appending it as a prefix before each string, it actually discount away all those records which have more than 1 count and only display the records which are totally unique (only 1 count).

bandit8@melinda:~$ cat data.txt | sort | uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

The password to gain access to the next level is UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR.

Good job in making your way to level 7! You should be better in using the find command to look for useful information now.

Level goal: The password for the next level is stored in the file data.txt next to the word millionth

This level is actually very simple and has a lot of ways to do it. Personally, I would prefer to simply cat the file and then grep the keyword mentioned in the hint, “millionth“.

bandit7@melinda:~$ cat data.txt | grep millionth
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV

 

There, you got it! The password to gain access to the next level is cvX2JJa4CFALtqS87jk27qwqGhBM9plV.

Level goal: The password for the next level is stored somewhere on the server and has all of the following properties: – owned by user bandit7 – owned by group bandit6 – 33 bytes in size

This level is very similar to the previous level, which you have already completed by now using the find command. However, in this level, we need to include more parameters to be more specific in what we want to search for, as the scope of search is the entire machine rather than just 80 files in a folder.

bandit6@melinda:~$ find / -user bandit7 -group bandit6 -size 33c
/var/lib/dpkg/info/bandit7.password

The above command basically perform a search on the root directory, as depicted by the slash (/) symbol right after the find command. Other parameters includes,

1. user, which defines the file owner, bandit7
2. group, which defines the file group, bandit6 in this case
3. size, which defines the size of the file. 33c means 33 bytes of characters

The output is the following,

bandit6@melinda:~$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

The password to gain access to the next level is HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

Like how we usually get started with any levels, the very first thing to do is always to run an ls command to find out what are the files that we have access to. In this case, wow, we are looking at 80 files.

Level goal: The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties: – human-readable – 1033 bytes in size – not executable

Well, 80 files are way too many for manual checking, just imagine yourself running cat on every single file, that is not only crazy, but also not practical – what if there are 8000 files instead of 80 files?

We need to narrow down the scope using the hints given to us, for instance, a file that is human-readable and 1033 bytes in size.

The find command is extremely handy in such situation, you can make use of the size and readable parameters as below,

bandit5@melinda:~/inhere$ find . -readable -size 1033c
./maybehere07/.file2
bandit5@melinda:~/inhere$ cat ./maybehere07/.file2
DXjZPULLxYr17uwoI01bNLQbtFemEgo7

The password to gain access to the next level is DXjZPULLxYr17uwoI01bNLQbtFemEgo7

The password for the next level is stored in the only human-readable file in the inhere directory. Tip: if your terminal is messed up, try the “reset” command.

Since only one file is human-readable and contains the password to the next round, instead of opening all the files one by one and read its content, why not print all its content and spot the password?

bandit4@melinda:~/inhere$ ls
-file00 -file02 -file04 -file06 -file08
-file01 -file03 -file05 -file07 -file09
bandit4@melinda:~/inhere$ cat ./-file0*
;▒-▒(▒▒z▒▒У▒▒ޘ▒▒8鑾?▒@c
 O8▒L▒c▒Ч7▒zb~▒▒ף▒▒U▒▒g▒f▒4▒6+>"▒▒B▒Vx▒▒d▒▒;de▒O▒:n▒▒▒▒8S▒▒Ѕ[▒/q▒(▒▒@▒▒M▒.▒t▒▒▒▒+▒▒5▒`▒¶R
▒1*6C▒u#Nr▒▒▒hZ▒▒▒P▒邚▒▒▒{#▒TP▒▒6▒]▒▒X:▒▒▒!▒>P▒
d{▒▒▒▒ҏH▒▒▒xX|▒koReBOKuIDDepwhWk7jZC0RTdopnAYKh
#[:*▒▒▒?▒▒j▒▒▒U▒

The password to gain access to the next level is koReBOKuIDDepwhWk7jZC0RTdopnAYKh