In this level we learn how to manipulate the output of a file by resorting its lines, without changing the actual data inside the file, and then grab 1 particular line using a regular expression.
Level Instructions
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once.
Level Solution
First we have to login via SSH using the previous level’s user bandit8 (using their password cvX2JJa4CFALtqS87jk27qwqGhBM9plV which we found in the previous level).
1. Connecting
1
2
3
4
ssh bandit8@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit8@bandit.labs.overthewire.org's password:
Just copy and paste the password
cvX2JJa4CFALtqS87jk27qwqGhBM9plVwhen prompted, and hitENTER. You won’t see a cursor. That’s normal.
2. Searching
We immediately find the data.txt file in our home (~) directory using the ls command:
1
2
bandit8@bandit:~$ ls
data.txt
So we run cat to see what’s inside:
1
2
3
4
5
6
7
8
9
10
11
12
bandit8@bandit:~$ cat data.txt
VkBAEWyIibVkeURZV5mowiGg6i3m7Be0
zdd2ctVveROGeiS2WE3TeLZMeL5jL7iM
sYSokIATVvFUKU4sAHTtMarfjlZWWj5i
ySvsTwlMgnUF0n86Fgmn2TNjkSOlrV72
NLWvtQvL7EaqBNx2x4eznRlQONULlCYZ
LfrBHfAh0pP9bgGAZP4QrVkut3pysAYC
U0NYdD3wHZKpfEg9qGQOLJimAJy6qxhS
flyKxCbHB8uLTaIB5LXqQNuJj3yj00eh
TThRArdF2ZEXMO47TIYkyPPLtvzzLcDf
cIPbot7oYveUPNxDMhv1hiri50CqpkTG
...
I truncated the output above for better readability. In reality it’s much longer as you’ll notice!
Unfortunately the file contains a lot of lines, so we must narrow down the output to just the 1 line we are after. But since we know that the password is the only line of text that occurs only once we have to find a way to count the occurance of identical lines. After that we can grep it easily.
First, let’s sort the output, line by line, in the terminal using sort:
1
2
3
4
5
6
7
8
9
10
11
bandit8@bandit:~$ sort data.txt
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
Note that the contents inside the file has not changed.
This makes it clear there’s a lot of repeating lines that we are not interested in. But we need to pipe this output, using |, into another command to count exactly how often each line repeats. We can do that with uniq -c:
1
2
3
4
5
6
7
8
9
10
11
bandit8@bandit:~$ sort data.txt | uniq -c
10 07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
10 0efnqHY1ZTNRu4LsDX4D73DsxIQq7RuJ
10 0N65ZPpNGkUJePzFxctCRZRXVrCbUGfm
10 0Xo6DLyK5izRqEtBA7sW2SRmlAixWYSg
10 10XitczY5Dz7UMoseKIeFWSzzwQrylfw
10 1ETSsKgjfQj1cJeFzXLJWzKzza3iWcJa
10 1T6qw9I32d71cS3TTvwmVp1WsxPFDJ9I
10 2bFz9F0yRwxGzVCZ4Er04bk00qfUrzWb
10 2CxmtCkpNL5ZjuoNzAtShkPXf5T43W7s
10 337o85y4OymIh99WPUtotkb114evfAkC
The
-cargument afteruniqresults in the number of instances for each line being shown. Without it you just get the unique output, with all duplicate lines removed.
Now we just need to find the line which starts with a “1”, without also grabbing all lines that start with “10” etc. We can do that using grep and the regular expression "^ *1 ":
1
2
bandit8@bandit:~$ sort data.txt | uniq -c | grep "^ *1 "
1 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
You can learn more about regular expressions using simple and interactive exercises at https://regexone.com/.
That’s the “flag” we want to “capture” and the password we need for the next level, i.e. to login with user bandit9.
3. Exiting
1
2
3
bandit8@bandit:~$ exit
logout
Connection to bandit.labs.overthewire.org closed.
Level Flag
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR