In this level we learn two ways to output the line(s) of a file that contains a word or phrase we are looking for, using grep by itself or after a | pipe.
Level Instructions
The password for the next level is stored in the file data.txt next to the word millionth.
Level Solution
First we have to login via SSH using the previous level’s user bandit7 (using their password HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs which we found in the previous level).
1. Connecting
1
2
3
4
ssh bandit7@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit7@bandit.labs.overthewire.org's password:
Just copy and paste the password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzswhen prompted, and hitENTER. You won’t see a cursor. That’s normal.
2. Searching
We immediately find the data.txt file in our home (~) directory using the ls command:
1
2
bandit7@bandit:~$ ls
data.txt
So we run cat to see what’s inside:
1
2
3
4
5
6
7
8
9
10
11
12
bandit7@bandit:~$ cat data.txt
binning WnfnFPqkuhl2nwHBohzn2C4L5W0gwcLq
abuts v8PAwDdkGDdp5NsJ7ZFM5A7TJ5MkYDbm
fathead wBhCy0fqvbQdexz5kMKBtGoSWgXw7s0H
attacks 3GzwnGiZnBDdVuHivJk1pEfOOYu7uOTa
lopping H9hzviFp1QO4WF8EzcQNl5MDz5r1bzUC
tyrannosaurus WxtYXVar4sgInHp7YUpTzOjdUw1Ww0x8
reservists QDidoX6BN1MDTi0QwA6Vt82L9Rb64cm3
atrophy's mSpCwP9VgcGRn1SCD8R9bb9cPBl2yqkW
bolt's 726RB3lt2RmeCtbWEQ8lhUAxVBJfepy0
Klondikes wVh3ILxQAsKg8WNnFHp8GxtnSu213GbR
...
I truncated the output above for better readability. In reality it’s much longer as you’ll notice!
Unfortunately the file contains hundreds of lines, so we must narrow down the output to just the 1 line we are after. Since we know that the password is “next to” the word millionth, that means they are on the same line. Thus we can discard all the lines besides the one that contains the word “millionth” - by “piping” the output of cat to a second grep command:
1
2
bandit7@bandit:~$ cat data.txt | grep millionth
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV
The
|character is what connects the output of the first command with the input of the second command, just like a pipe!
However, in this scenario we actually don’t even need to use a pipe. Instead we could just use the grep command alone and pass in the word we are looking for as an argument to catch that line:
1
2
bandit7@bandit:~$ grep millionth data.txt
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV
Whichever method you prefer; that’s the “flag” we want to “capture” and the password we need for the next level, i.e. to login with user bandit8.
3. Exiting
1
2
3
bandit7@bandit:~$ exit
logout
Connection to bandit.labs.overthewire.org closed.
Level Flag
cvX2JJa4CFALtqS87jk27qwqGhBM9plV