{"id":428,"date":"2015-01-20T02:00:40","date_gmt":"2015-01-20T02:00:40","guid":{"rendered":"https:\/\/www.hackmethod.com\/?p=428"},"modified":"2022-06-03T05:40:09","modified_gmt":"2022-06-03T05:40:09","slug":"overthewire-bandit-11","status":"publish","type":"post","link":"https:\/\/hackmethod.com\/overthewire-bandit-11\/","title":{"rendered":"OvertheWire &#8211; Bandit 11"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;3.22&#8243;][et_pb_row admin_label=&#8221;row&#8221; _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text admin_label=&#8221;Text&#8221; _builder_version=&#8221;4.7.5&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<strong>Recap of Level 10:\u00a0<\/strong>We pulled information out of a data\u00a0file using the &#8216;strings&#8217; command.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit11.html\" target=\"_blank\" rel=\"noopener\"><strong>Bandit Level 11<\/strong><\/a><\/p>\n<h4><strong>Objective:<\/strong><\/h4>\n<p>Find the password to the next level<\/p>\n<h4><strong>Intel Given:<\/strong><\/h4>\n<ul>\n<li>The password is\u00a0stored in the file data.txt<\/li>\n<li>The password is encoded with base64<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<h4><strong>How to:<\/strong><\/h4>\n<p>We now are looking at a file that has been obfuscated. That is the network security word for hiding\u00a0the true meaning of communication. Now let me preface this, I&#8217;m not well versed in crypto or obfuscation methods. In fact if I were to look deeper into the why behind this I would be doing some extensive researching myself.<\/p>\n<p>Now then, if we try to just read the file data.txt we&#8217;re presented with a bunch of garbage which is shown\u00a0below.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"431\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-11\/screen-shot-2015-01-19-at-7-47-44-pm\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?fit=487%2C36&amp;ssl=1\" data-orig-size=\"487,36\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"Screen Shot 2015-01-19 at 7.47.44 PM\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?fit=300%2C22&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?fit=487%2C36&amp;ssl=1\" class=\" size-full wp-image-431 aligncenter\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?resize=487%2C36&#038;ssl=1\" alt=\"Screen Shot 2015-01-19 at 7.47.44 PM\" width=\"487\" height=\"36\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?w=487&amp;ssl=1 487w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?resize=300%2C22&amp;ssl=1 300w\" sizes=\"(max-width: 487px) 100vw, 487px\" \/><\/a><\/p>\n<p>Our hint tells us that this data is obfuscated or hidden by a base64 type encoding. Well&#8230; as luck would have it, or a quick google in this case. *nix has a built in base64 en\/decoder. We type in the command below and viola, all is revealed!<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"432\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-11\/screen-shot-2015-01-19-at-7-48-00-pm\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?fit=350%2C38&amp;ssl=1\" data-orig-size=\"350,38\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"Screen Shot 2015-01-19 at 7.48.00 PM\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?fit=300%2C33&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?fit=350%2C38&amp;ssl=1\" class=\" size-full wp-image-432 aligncenter\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?resize=350%2C38&#038;ssl=1\" alt=\"Screen Shot 2015-01-19 at 7.48.00 PM\" width=\"350\" height=\"38\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?w=350&amp;ssl=1 350w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png?resize=300%2C33&amp;ssl=1 300w\" sizes=\"(max-width: 350px) 100vw, 350px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<h4><strong>Conclusion:<\/strong><\/h4>\n<p>We all reach a point where we don&#8217;t know something. Even the best hackers and network security professionals need to look for answers. Encoding and decoding are not my strong suits, and so I went to Google. Luckily for me this was a fairly complex problem and I was able to obtain the answer fairly easy. Other times I would resort to books such as the <a href=\"http:\/\/www.amazon.com\/gp\/product\/1500734756\/ref=as_li_tl?ie=UTF8&amp;camp=1789&amp;creative=9325&amp;creativeASIN=1500734756&amp;linkCode=as2&amp;tag=hackm01-20&amp;linkId=R5E6ASK573QWMSW5\">Blue Team Handbook<\/a>. Whatever your resource may be, get into the habit of making your own cheat sheet and collection of resources. It will help you in the end.<br \/>\n[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221; column_structure=&#8221;1_2,1_2&#8243;][et_pb_column _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221; type=&#8221;1_2&#8243;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Previous.png&#8221; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221; alt=&#8221;Previous Level&#8221; title_text=&#8221;Previous&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-10&#8243; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;][\/et_pb_image][\/et_pb_column][et_pb_column _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221; type=&#8221;1_2&#8243;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Next.png&#8221; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221; alt=&#8221;Next Level&#8221; title_text=&#8221;Next&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-12&#8243; align=&#8221;right&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;][\/et_pb_image][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recap of Level 10:\u00a0We pulled information out of a data\u00a0file using the &#8216;strings&#8217; command. &nbsp; Bandit Level 11 Objective: Find the password to the next level Intel Given: The password is\u00a0stored in the file data.txt The password is encoded with base64 How to: We now are looking at a file that has been obfuscated. That [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":431,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"<strong>Recap of <a href=\"https:\/\/www.hackmethod.com\/overthewire-bandit-10\/\" target=\"_blank\">Last\u00a0Lesson<\/a>:\u00a0<\/strong>We pulled information out of a data\u00a0file using the 'strings' command.\r\n\r\n<a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit11.html\" target=\"_blank\"><strong>Bandit Level 11<\/strong><\/a>\r\n\r\n<strong>Objective<\/strong>\r\n\r\nFind the password to the next level\r\n\r\n<strong>Intel Given<\/strong>\r\n<ul>\r\n\t<li>The password is\u00a0stored in the file data.txt<\/li>\r\n\t<li>The password is encoded with base64<\/li>\r\n<\/ul>\r\n<!--more-->\r\n\r\n<strong>How to<\/strong>\r\n\r\nWe now are looking at a file that has been obfuscated. That is the network security word for hiding\u00a0the true meaning of communication. Now let me preface this, I'm not well versed in crypto or obfuscation methods. In fact if I were to look deeper into the why behind this I would be doing some extensive researching myself.\r\n\r\nNow then, if we try to just read the file data.txt we're presented with a bunch of garbage which is shown\u00a0below.\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png\"><img class=\" size-full wp-image-431 aligncenter\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png\" alt=\"Screen Shot 2015-01-19 at 7.47.44 PM\" width=\"487\" height=\"36\" \/><\/a>\r\n\r\nOur hint tells us that this data is obfuscated or hidden by a base64 type encoding. Well... as luck would have it, or a quick google in this case. *nix has a built in base64 en\/decoder. We type in the command below and viola, all is revealed!\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png\"><img class=\" size-full wp-image-432 aligncenter\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.48.00-PM.png\" alt=\"Screen Shot 2015-01-19 at 7.48.00 PM\" width=\"350\" height=\"38\" \/><\/a>\r\n\r\n&nbsp;\r\n\r\n<strong>Conclusion<\/strong>\r\n\r\nWe all reach a point where we don't know something. Even the best hackers and network security professionals need to look for answers. Encoding and decoding are not my strong suits, and so I went to Google. Luckily for me this was a fairly complex problem and I was able to obtain the answer fairly easy. Other times I would resort to books such as the <a href=\"http:\/\/www.amazon.com\/gp\/product\/1500734756\/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1500734756&linkCode=as2&tag=hackm01-20&linkId=R5E6ASK573QWMSW5\">Blue Team Handbook<\/a><img src=\"http:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=hackm01-20&l=as2&o=1&a=1500734756\" width=\"1\" height=\"1\" border=\"0\" alt=\"\" style=\"border:none !important; margin:0px !important;\" \/>. Whatever your resource may be, get into the habit of making your own cheat sheet and collection of resources. It will help you in the end.","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[44],"tags":[43,45,46],"class_list":["post-428","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-overthewire","tag-bandit","tag-overthewire","tag-tutorials"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/01\/Screen-Shot-2015-01-19-at-7.47.44-PM.png?fit=487%2C36&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5zY4D-6U","_links":{"self":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/428","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/comments?post=428"}],"version-history":[{"count":8,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/428\/revisions"}],"predecessor-version":[{"id":27511,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/428\/revisions\/27511"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media\/431"}],"wp:attachment":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media?parent=428"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/categories?post=428"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/tags?post=428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}