Exploring OverTheWire: Level 12 to Level 13 - Bandit Challenge

Introduction

As we progress further in the Bandit Challenge, Level 13 ↗️ presents us with a unique challenge. Our objective is to find a password hidden within the “data.txt” file, which is a hexdump representation of a repeatedly compressed file.

Challenge Overview

By using commands like xxd, cp, mv, and file along with creating a temporary directory, we’ll manipulate the data, decompress the file, and successfully obtain the password.

Approach and Strategy

Follow these steps to successfully solve Level 13

ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

Once logged in, Create a temporary directory under /tmp using the mkdir command:

mkdir /tmp/yourname

This command will create a temporary directory where we’ll perform our operations.

Copy the “data.txt” file to the temporary directory using the cp command:

cp data.txt /tmp/yourname/

Change your working directory to the temporary directory using the cd command:

cd /tmp/yourname

Convert the hexdump back to binary data using the xxd command:

xxd -r data.txt > data

This command reverses the hexdump and creates a binary file named “data”

Determine the file type of “data” using the file command:

file data

This command provides information about the file type.

Based on the output of the previous command, decompress the file using the appropriate command. Output would be like this

Now, if the file is gzip compressed

data: gzip compressed data, was "data2.bin", last modified: Sun Apr 23 18:04:23 2023, max compression, from Unix, original size modulo 2^32 581

use the gzip command:

mv data data.gz
gzip -d data.gz

if the file is bzip compressed

data: bzip2 compressed data, block size = 900k

use the bzip2 command:

mv data data.bz
bzip2 -d data.bz

And if the file is tar compressed

data: POSIX tar archive (GNU)

then use the tar command:

mv data data.tar
tar -xf data.bz

Keep repeating these steps till you reach a point where the file data returns a “ASCII text” output

data9: ASCII text

Once you have successfully reached this state, examine its contents using the cat command. Look for the password within the file.

The password for Level 13 will be displayed in the output. Take note of it for the next level.

PROMOTED Built & launched by me

Death is hard enough. Accessing accounts shouldn't be.

When someone dies, you don't get even one extra second to access the documents and information they meant to share it with you. Trying to fix this problem with Eternal Vault.

Protect your family now

🎁 Reveal Discount Code

Notes

• Create a temporary directory under /tmp using the mkdir command to perform your operations and avoid cluttering your home directory.
• Use the cp command to make a copy of the file and mv command to rename it for easier manipulation.
• Reverse the hexdump to recreate the original file using the xxd command with the -r option.
• Determine the file type using the file command and apply the appropriate decompression command (e.g., `gzip, bzip2, tar) accordingly.
• Repeat the decompression process until you obtain the final uncompressed file. This level would require some patience.

Conclusion

Congratulations on successfully completing Level 13 of the Bandit Challenge! By extracting the hexdump, decompressing the file, and examining its contents, we have obtained the necessary password to progress further.

Stay tuned for the next blog post, where we’ll tackle Level 14 and face new challenges in our quest to become proficient cybersecurity practitioners.