Skip to content

Bandit Level 10-11@overthewire.org

Description

The password for the next level is stored in the file data.txt, which contains base64 encoded data.

Current level credentials

Key Value
Server-name: bandit.labs.overthewire.org
Port: 2220
User: bandit10
Password: G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s

Current level login

Log in 

1
sshpass -p G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s ssh -p 2220 bandit10@bandit.labs.overthewire.org
Note: You might need to install sshpass before using it. The ssh command can also be used on its own. If so, copy-paste the password when requested.

Hints And Solution

Hint(s)

The command base64 has a decode flag to decode encoded data. See the man page for details on how to use it.

There are numerous online encoders and decoders available. Look them up. With Google, for example.

Solution 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
bandit10@bandit:~$ ls -al  
total 24  
drwxr-xr-x  2 root     root     4096 May  7  2020 .  
drwxr-xr-x 41 root     root     4096 May  7  2020 ..  
-rw-r--r--  1 root     root      220 May 15  2017 .bash_logout  
-rw-r--r--  1 root     root     3526 May 15  2017 .bashrc  
-rw-r-----  1 bandit11 bandit10   69 May  7  2020 data.txt  
-rw-r--r--  1 root     root      675 May 15  2017 .profile  

bandit10@bandit:~$ cat data.txt    
VGhlIHBhc3N3b3JkIGlzIElGdWt3S0dzRlc4TU9xM0lSRnFyeEUxaHhUTkViVVBSCg==  

bandit10@bandit:~$ cat data.txt | base64 -d  # (1)
The password is xxxxxxxxxxxxxxxxxxxxxxxxxxx
  1. the output of cat is piped into the command base64 using the -d flag to decode the data

The command ls -al reveals that the file data.txt is in the home directory. The description implies that the data is base64 encoded, but if it didn't, you could still recognize such an encoding using the following method. The contents of data.txt are displayed as a string with uppercase and lowercase characters and two = at the end. It indicates that it is a base64 encoded string. The character set for base64 encoded output is [A-Z, a-z, 0-9, and + /]. The output of a base64 encoded string must be a multiple of four. If it is not a multiple of 4, the output is padded with = characters until it is a multiple of 4. The string ends with two = characters, and the character set matches, indicating that it is almost certainly a base64-encoded output. Use the base64 command with the -d flag to decode a base64 encoded string.

Resources

Resources

Bandit-level11@overthewire
How to check whether a string is Base64 encoded or not
man page for base64 command @man7.org
base64 @wikipedia.org
online base64 decoding with cyberchef

Comments

Any feedback and suggestions are welcome. This website was created using mkdocs and the material plugin. If you want, you can make a pull request. The repository is https://github.com/dabonzo/itsec_hp