Using the strings command, we learn how to manipulate the output of a binary file by grabbing all the strings inside, as well as are reminded how to reset our terminal using reset and CTRL-L if needed.
Level Instructions
The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.
Level Solution
First we have to login via SSH using the previous level’s user bandit9 (using their password UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR which we found in the previous level).
1. Connecting
1
2
3
4
ssh bandit9@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit9@bandit.labs.overthewire.org's password:
Just copy and paste the password
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhRwhen prompted, and hitENTER. You won’t see a cursor. That’s normal.
2. Searching
We immediately find the data.txt file in our home (~) directory using the ls command:
1
2
bandit9@bandit:~$ ls
data.txt
And if we use the file command to check what type of file it is, based on its content (ignoring the file extension), we see that it’s a binary data file:
1
2
bandit9@bandit:~$ file data.txt
data.txt: data
We can confirm that using cat to see what’s inside, but it’s not going to be comprehensible:
1
2
3
bandit9@bandit:~$ cat data.txt
�L�lω;��ßOܛ��ǤX��NdT$��x7��@D@�o��+D��B��M�Z/,_���w���#�5���
...
Plus, it messes up our terminal so we either need to reset it using the reset command, or hit CTRL-L on our keyboard to clear it.
But as the password is supposed to be a human-readable string, somewhere inside this file, preceded by several ‘=’ characters - that means we can use the strings command (to fetch all strings). And then pipe that output (with |) into grep "==" in order to only end up with lines that include 2 or more “=” characters:
1
2
3
4
5
bandit9@bandit:~$ strings data.txt | grep "=="
========== the*2i"4
========== password
Z)========== is
&========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
Albeit the results are a bit messy, that’s the “flag” we want to “capture” and the password we need for the next level, i.e. to login with user bandit10.
3. Exiting
1
2
3
bandit9@bandit:~$ exit
logout
Connection to bandit.labs.overthewire.org closed.
Level Flag
truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk