overthewire.bandit.lvl[12-13]

Level Goal

The password for the next level is stored in the file data.txt which is the hexdump of a file that hash been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and renamed it using mv (read the manpages!)

Solution

first we create our playground directory and make it our CWD

1
cd $(mktemp -d)

now we convert the hexdump into the original binary that was hexdumped.

1
xxd -r data.txt data.bin

checking the file format for the generated binary we find that it has been compressed with gzip.
img01

there is 2 methods for decompressing this file (we will stick to the second method for the rest of the writeup).

1
2
3
4
# method_1
mv data.bin data.bin.gz; gzip -d data.bin.gz
# method_2
gzip -d -S ary data.binary

either ways the generated binary file will be named data.bin. lets get some information about it
img02

well, it’s a bzip2 compressed binary. now decompressing it and getting info about the
generated binary we find that it’s a gzip compressed binary
img03

decompressing the generated binary and getting info about it. we find it’s a POSIX tar archive
img04

we continue the process of decompressing and getting info about generated binaries until we are presented with an ASCII text file
img05

and, finally we got the password for user bandit13
img06

Page View
⬆︎TOP