{"id":397,"date":"2015-01-16T04:15:38","date_gmt":"2015-01-16T04:15:38","guid":{"rendered":"https:\/\/www.hackmethod.com\/?p=397"},"modified":"2022-06-03T05:40:09","modified_gmt":"2022-06-03T05:40:09","slug":"overthewire-bandit-10","status":"publish","type":"post","link":"https:\/\/hackmethod.com\/overthewire-bandit-10\/","title":{"rendered":"OvertheWire &#8211; Bandit 10"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_text _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<strong>Recap of Level 9: <\/strong>Learned about the <code>sort<\/code> and <code>uniq<\/code> commands and went a little further into how to use I\/O redirection.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit10.html\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Bandit Level 10<\/strong><\/a><\/p>\n<h4><strong>Objective: <\/strong><\/h4>\n<p>Find the password to the next level<\/p>\n<h4><strong>Intel Given:<\/strong><\/h4>\n<ul>\n<li>Password is in data.txt<\/li>\n<li>Password is among the few lines of human-readable text that start with\u00a0<code>=<\/code><\/li>\n<\/ul>\n<p><!--more--><\/p>\n<h4><strong>How to:<\/strong><\/h4>\n<p>Very quickly lets observe the file data.txt and notice something unique about *nix systems. If we do a <code>file *<\/code> this will give us the file type for every file in our directory.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"398\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-10\/screen-shot-2015-01-15-at-9-52-44-pm\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png?fit=191%2C35&amp;ssl=1\" data-orig-size=\"191,35\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"10.1\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png?fit=191%2C35&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png?fit=191%2C35&amp;ssl=1\" class=\" size-full wp-image-398 aligncenter\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png?resize=191%2C35&#038;ssl=1\" alt=\"10.1\" scale=\"0\" width=\"191\" height=\"35\" \/><\/a>As you can see the file type is data even though the file &#8220;extension&#8221; is .txt. This is important to note, *nix does not use file extensions to determine file type.<\/p>\n<p>Previously our file was ASCII text which is why we could read it with the cat command. Try reading the file with the <code>cat<\/code> command to see the difference. If your terminal\/shell messes up you&#8217;ll need to simply type reset to get it looking normal again.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"399\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-10\/screen-shot-2015-01-15-at-9-55-34-pm\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?fit=571%2C156&amp;ssl=1\" data-orig-size=\"571,156\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"9.1\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?fit=300%2C82&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?fit=571%2C156&amp;ssl=1\" class=\" size-full wp-image-399 aligncenter\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?resize=571%2C156&#038;ssl=1\" alt=\"9.1\" scale=\"0\" width=\"571\" height=\"156\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?w=571&amp;ssl=1 571w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png?resize=300%2C82&amp;ssl=1 300w\" sizes=\"(max-width: 571px) 100vw, 571px\" \/><\/a>You should see something like the picture above. This is normal for data type files. Fortunately\u00a0for us we have a clue that tells us that even though this file is data, there is human-readable text in it.<\/p>\n<p>strings is a command that that looks for ASCII text in a binary file. If you just typed <code>strings data.txt<\/code> you would see that the ASCII text for each line is separated and returned to you in standard output (aka. shell terminal, <a href=\"http:\/\/sc.tamu.edu\/help\/general\/unix\/redirection.html\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a> is another\u00a0I\/O primer). \u00a0Scroll through the output and see if you can find the password using the clue given.<\/p>\n<p>If you have read the previous tutorials up until now you should see where this is going. Since I know the command will give me ASCII text hidden in a data file, and I know the password is after the <code>=<\/code> character I only really need to input the command below to give me the next password.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"400\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-10\/screen-shot-2015-01-15-at-10-07-03-pm\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png?fit=328%2C288&amp;ssl=1\" data-orig-size=\"328,288\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"9.2\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png?fit=300%2C263&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png?fit=328%2C288&amp;ssl=1\" class=\"aligncenter wp-image-400 size-full\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png?resize=328%2C288&#038;ssl=1\" alt=\"9.2\" scale=\"0\" width=\"328\" height=\"288\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png?w=328&amp;ssl=1 328w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png?resize=300%2C263&amp;ssl=1 300w\" sizes=\"(max-width: 328px) 100vw, 328px\" \/><\/a><\/p>\n<p>Note: We had to do a little deductive reasoning. If you wanted to be technical the password could be K, the6, password etc. But only ONE of these options above really looks like the passwords that we&#8217;ve been using. So we&#8217;ll go with that.<\/p>\n<h4><strong>Conclusion:<\/strong><\/h4>\n<p>We learned about the &#8216;strings&#8217; command and how it can be used to pull ASCII out of data files. We also learned another valuable lesson. When hackers are doing recon for passwords\u00a0they often times check\u00a0previous passwords to look for similarities that match suspected current passwords. Behavior analysis on your target can be an invaluable piece of data. It&#8217;s also important to note that because we know this about password similarities, its a smart idea to always use strong randomly generated passwords, or even better two-factor authentication.<br \/>\n[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_2,1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Previous.png&#8221; alt=&#8221;Previous Level&#8221; title_text=&#8221;Previous&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-9&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Next.png&#8221; alt=&#8221;Next Level&#8221; title_text=&#8221;Next&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-11&#8243; align=&#8221;right&#8221; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recap of Level 9: Learned about the sort and uniq commands and went a little further into how to use I\/O redirection. &nbsp; Bandit Level 10 Objective: Find the password to the next level Intel Given: Password is in data.txt Password is among the few lines of human-readable text that start with\u00a0= How to: Very [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":398,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"<strong>Recap of <a href=\"https:\/\/www.hackmethod.com\/overthewire-bandit-9\/\">Last\u00a0Lesson<\/a>:\u00a0<\/strong>Learned about the 'sort' and 'uniq' commands and went a little further into how to use I\/O redirection.\n\n<a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit10.html\" target=\"_blank\" rel=\"noopener\"><strong>Bandit Level 10<\/strong><\/a>\n\n<h4><strong>Objective <\/strong><\/h4>\n\nFind the password to the next level\n\n<h4><strong>Intel Given<\/strong><\/h4>\n\n<ul>\n    <li>Password is in data.txt<\/li>\n    <li>Password is among the few lines of human-readable text that start with\u00a0'='<\/li>\n<\/ul>\n\n<!--more-->\n\n<h4><strong>How to:<\/strong><\/h4>\n\nVery quickly lets observe the file data.txt and notice something unique about *nix systems. If we do a 'file *' this will give us the file type for every file in our directory.\n\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png\"><img class=\" size-full wp-image-398 aligncenter\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png\" alt=\"10.1\" scale=\"0\" width=\"191\" height=\"35\" \/><\/a>As you can see the file type is data even though the file \"extension\" is .txt. This is important to note, *nix does not use file extensions to determine file type.\n\nPreviously our file was ASCII text which is why we could read it with the cat command. Try reading the file with the 'cat' command to see the difference. If your terminal\/shell messes up you'll need to simply type reset to get it looking normal again.\n\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png\"><img class=\" size-full wp-image-399 aligncenter\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.55.34-PM.png\" alt=\"9.1\" scale=\"0\" width=\"571\" height=\"156\" \/><\/a>You should see something like the picture above. This is normal for data type files. Fortunately\u00a0for us we have a clue that tells us that even though this file is data, there is human-readable text in it.\n\nstrings is a command that that looks for ASCII text in a binary file. If you just typed 'strings data.txt' you would see that the ASCII text for each line is separated and returned to you in standard output (aka. shell terminal, <a href=\"http:\/\/sc.tamu.edu\/help\/general\/unix\/redirection.html\" target=\"_blank\" rel=\"noopener\">here<\/a> is another\u00a0I\/O primer). \u00a0Scroll through the output and see if you can find the password using the clue given.\n\nIf you have read the previous tutorials up until now you should see where this is going. Since I know the command will give me ASCII text hidden in a data file, and I know the password is after the '=' character I only really need to input the command below to give me the next password.\n\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM.png\"><img class=\"aligncenter wp-image-400 size-full\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-10.07.03-PM-e1421381286883.png\" alt=\"9.2\" scale=\"0\" width=\"328\" height=\"288\" \/><\/a>\n\nNote: We had to do a little deductive reasoning. If you wanted to be technical the password could be K, the6, password etc. But only ONE of these options above really looks like the passwords that we've been using. So we'll go with that.\n\n<h4><strong>Conclusion<\/strong><\/h4>\n\nWe learned about the 'strings' command and how it can be used to pull ASCII out of data files. We also learned another valuable lesson. When hackers are doing recon for passwords\u00a0they often times check\u00a0previous passwords to look for similarities that match suspected current passwords. Behavior analysis on your target can be an invaluable piece of data. It's also important to note that because we know this about password similarities, its a smart idea to always use strong randomly generated passwords, or even better two-factor authentication.","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[44,49],"tags":[43,45,46],"class_list":["post-397","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-overthewire","category-tutorials","tag-bandit","tag-overthewire","tag-tutorials"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-15-at-9.52.44-PM.png?fit=191%2C35&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5zY4D-6p","_links":{"self":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/comments?post=397"}],"version-history":[{"count":8,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/397\/revisions"}],"predecessor-version":[{"id":27514,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/397\/revisions\/27514"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media\/398"}],"wp:attachment":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media?parent=397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/categories?post=397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/tags?post=397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}