Bandit levels 9 – 13

Level 9 – 10

We continue to work with the data.txt file from level 8. This time the password is “one of the few human-readable strings, preceded by several ‘=’ characters”.

As the file contains both human-readable strings and non-human-readable (binary) data, we want to concentrate on the former only. To do that we can use the strings command.

Now, as we get a huge number of lines of text, we want to look only at those that are preceded by several ‘=’ characters. We can use the grep command to filter the results.

cat data.txt | strings | grep "===*"

The command will return the password that will allow us to access level 10.

Level 10 – 11

In this level the password is once again stored in the data.txt file. This time, in order to retrieve it, we need to decode the base64-encoded data stored in the file. To do that we will use the base64 command with the --decode option. As a result we get the password to the next level.

cat data.txt | base64 --decode

Level 11-12

As in several previous levels, the password is stored in the data.txt file. This time the letters in the password have been rotated by 13 positions. This is a simple letter substitution cipher, and to decode it we can use the tr command, a standard utility for translating or deleting characters. The following command will give us the password to the next level.

bandit11@bandit:~$ cat data.txt | tr '[A-Za-z]' '[N-ZA-Mn-za-m]'

Level 12-13

Again, we need to extract the password from the data.txt file. This time the challenge lies in the fact that the file has been compressed multiple times and has also been saved as a hexdump. As suggested by OverTheWire, we will start by creating a new folder under /tmp and then copying the data file into it.

bandit12@bandit:~$ mkdir /tmp/supportingdir
bandit12@bandit:~$ cp data.txt /tmp/supportingdir

Let's now convert the file back from the hexdump format. We can do it using the xxd command with the -r (reverse) option. We will save the result to a new file that we will call dc.

bandit12@bandit:/tmp/supportingdir$ xxd -r data.txt > dc

The next step is to determine which compression method was used; in this case the file command will give us what we are looking for.

Now let's change the name of the file to reflect the compression format, then decompress it using the gunzip command.

bandit12@bandit:/tmp/supportingdir$ mv dc dc.gz
bandit12@bandit:/tmp/supportingdir$ gunzip dc.gz

As we know from the description provided in the challenge, the file has been compressed several times, so let's use the file command again.

Let's repeat the steps used when we dealt with the gzip compression. First let's amend the name to reflect the compression method, then use the bzip2 command with the -d option to decompress it.

bandit12@bandit:/tmp/supportingdir$ mv dc dc.bz2
bandit12@bandit:/tmp/supportingdir$ bzip2 -d dc.bz2

Let's use the file command again. We see that the file is still compressed, again with gzip. Let's repeat the previous steps (add the gzip extension – gz) and decompress it.

Using the file command again:

Repeating the same steps:

bandit12@bandit:/tmp/supportingdir$ mv dc dc.tar
bandit12@bandit:/tmp/supportingdir$ tar -xf dc.tar

The decompressed file is named data5.bin (which we see using the ls command).

Using the file command:

bandit12@bandit:/tmp/supportingdir$ mv data5.bin data5.tar
bandit12@bandit:/tmp/supportingdir$ tar -xf data5.tar

The decompressed file is called data6.bin and is compressed with bzip2.

We repeat the same steps several times, adding the proper extension to the file and then decompressing it, until we are left with an ASCII text file.

Let's try to open the text file with the cat command and see if the password to the next level is stored there. It is.

We can now move to level 13 using it.
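
The identify-then-decompress loop from level 12-13, automated as an added example (not part of the original write-up): it reverses the hexdump, names each layer from its magic bytes the way the file command does, and unpacks everything in memory. The function names, the layer limit and the input produced by build_sample are constructed for illustration.

```python
import bz2
import gzip
import io
import tarfile

MAGIC = ((0, b"\x1f\x8b", "gzip"), (0, b"BZh", "bzip2"), (257, b"ustar", "tar"))

def from_hexdump(text):
    """Reverse an xxd-style dump: 'offset: hex groups  ascii' per line."""
    rows = (ln.split(":", 1)[1].split("  ", 1)[0] for ln in text.splitlines() if ":" in ln)
    return bytes.fromhex("".join(rows).replace(" ", ""))

def identify(data):
    """Name the container from its magic bytes, the check file(1) performs."""
    for offset, magic, kind in MAGIC:
        if data[offset:offset + len(magic)] == magic:
            return kind
    return "data"

def untar_first(data):
    """Read the first regular member in memory; nothing is written to disk."""
    with tarfile.open(fileobj=io.BytesIO(data)) as tar:
        return tar.extractfile(next(m for m in tar if m.isfile())).read()

DECODERS = {"gzip": gzip.decompress, "bzip2": bz2.decompress, "tar": untar_first}

def unwrap(data, max_layers=32):
    """Peel layers until no known magic remains; return (payload, layers)."""
    layers = []
    while (kind := identify(data)) != "data":
        if len(layers) >= max_layers:  # refuse unexpectedly deep nesting
            raise ValueError("too many nested layers")
        data = DECODERS[kind](data)
        layers.append(kind)
    return data, layers

def build_sample(secret=b"CONSTRUCTED-SAMPLE-PASSWORD\n"):
    """Constructed input: gzip(bzip2(tar(gzip(secret)))) as an xxd-style dump."""
    inner = gzip.compress(secret)
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("data5.bin")
        info.size = len(inner)
        tar.addfile(info, io.BytesIO(inner))
    blob = gzip.compress(bz2.compress(buf.getvalue()))
    rows = range(0, len(blob), 16)
    return "\n".join(f"{i:08x}: {blob[i:i + 16].hex(' ', -2)}  ." for i in rows)

if __name__ == "__main__":
    print(unwrap(from_hexdump(build_sample())))
```

Reading tar members with extractfile instead of extracting to disk means member names inside an untrusted archive are never used as paths.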

Author: Lukasz Milek