Write-up for OverTheWire:Bandit (Part III/III)

logo

Level 9

So the password for the next level is stored within the file called “data.txt” which contains only a few lines of human-readable strings starting with the character “=”, let’s find it.

bandit9@melinda:~$ ls -lh
total 20K
-rw-r----- 1 bandit10 bandit9 19K Jun  6 13:59 data.txt
bandit9@melinda:~$ strings data.txt |grep "="
Rj=G
========== the
=qy9g
,========== passwordc
========== is
=9-5
O=p~
#r=t!
7e}=eG
========== ********************************
uXI/{I=VPO=
6'Q|_=Vt
:={!
yd=6

I decided the best way to solve this problem was to use the “strings” command again and pipe the output to grep searching for the “=” character.

Level 10

The password for the next level is stored in the file “data.txt” which contains base64 encoded data.

 You can decode it either in python or on any online base64 decoding website. My favorite is base64decode.org .
bandit10@melinda:~$ ls -lh
total 4.0K
-rw-r----- 1 bandit11 bandit10 69 Jun  6 13:59 data.txt
bandit10@melinda:~$ cat data.txt
VGhlIHBhc3N3b3JkIGlzIElGdWt3S0dzRlc4TU9xM0lSRnFyeEUxaHhUTkViVVBSCg==
bandit10@melinda:~$ base64 -d data.txt
The password is ********************************

Screenshot (169)

Level 11

The goal for this level is the password is stored in the data.txt file and all lowercase and uppercase letters have been rotated by 13 potions, looking at the hint for ROT13 on Wikipedia I found the answer. The website I use for solving ROT ciphers is https://planetcalc.com/1434/ .

bandit11@melinda:~$ ls -lh
total 4.0K
-rw-r----- 1 bandit12 bandit11 49 Jun  6 13:59 data.txt
bandit11@melinda:~$ cat data.txt
Gur cnffjbeq vf 5Gr8L4qetPEsPk8htqjhRK8XSP6x2RHh

Screenshot (170)

Level 12

The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it is necessary to create a directory under /tmp in which you can work using mkdir. We need to decompress and check the file over and over again until we get the right format.

bandit12@melissa:~$ ls
data.txt
bandit12@melissa:~$ file data.txt
data.txt: ASCII text
bandit12@melissa:~$ mkdir /tmp/stw
bandit12@melissa:~$ cd /tmp/stw
bandit12@melissa:/tmp/stw$ xxd -r ~/data.txt > data.txt
bandit12@melissa:/tmp/stw$ file data.txt
data.txt: gzip compressed data, was "data2.bin", from Unix, last modified: Thu May 10 23:52:05 2012, max compression
 
bandit12@melissa:/tmp/stw$ zcat data.txt > dataNew
bandit12@melissa:/tmp/stw$ ls
dataNew  data.txt
bandit12@melissa:/tmp/stw$ file dataNew
dataNew: bzip2 compressed data, block size = 900k
bandit12@melissa:/tmp/stw$ bzip2 -d dataNew
bzip2: Can't guess original name for dataNew -- using dataNew.out
bandit12@melissa:/tmp/stw$ ls
dataNew.out  data.txt
bandit12@melissa:/tmp/stw$ file dataNew.out
dataNew.out: gzip compressed data, was "data4.bin", from Unix, last modified: Thu May 10 23:52:05 2012, max compression
 
bandit12@melissa:/tmp/stw$ zcat dataNew.out > evenNewer
bandit12@melissa:/tmp/stw$ ls
dataNew.out  data.txt  evenNewer
bandit12@melissa:/tmp/stw$ file evenNewer
evenNewer: POSIX tar archive (GNU)
bandit12@melissa:/tmp/stw$ tar -xvf evenNewer
data5.bin
bandit12@melissa:/tmp/stw$ file data5.bin
data5.bin: POSIX tar archive (GNU)
 
bandit12@melissa:/tmp/stw$ tar -xvf data5.bin
data6.bin
bandit12@melissa:/tmp/stw$ file data6.bin
data6.bin: bzip2 compressed data, block size = 900k
bandit12@melissa:/tmp/stw$ bzip2 -d data6.bin
bzip2: Can't guess original name for data6.bin -- using data6.bin.out
 
bandit12@melissa:/tmp/stw$ ls
data5.bin  data6.bin.out  dataNew.out  data.txt  evenNewer
bandit12@melissa:/tmp/stw$ file data6.bin.out
data6.bin.out: POSIX tar archive (GNU)
bandit12@melissa:/tmp/stw$ tar -xvf data6.bin.out
 
data8.bin
bandit12@melissa:/tmp/stw$ file data8.bin
data8.bin: gzip compressed data, was "data9.bin", from Unix, last modified: Thu May 10 23:52:05 2012, max compression
 
bandit12@melissa:/tmp/stw$ zcat data8.bin > lost
bandit12@melissa:/tmp/stw$ ls
data5.bin  data6.bin.out  data8.bin  dataNew.out  data.txt  evenNewer  lost
bandit12@melissa:/tmp/stw$ file lost
lost: ASCII English text
bandit12@melissa:/tmp/stw$ cat lost
The password is **************************
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s