Bandit Level 7 -> 8

7 -> 8

Finding a needle in the haystack

Bandit Level 8:

The password for the next level is stored in the file data.txt next to the word millionth

Commands we may need to solve this level:

man, grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

Solution

First, let’s ssh to the level 8 server:

Here millionth, wohoo!

So now we’re in the level 8 server, and apart from some details about the server and NDA details, there is just a shell prompt.

Now, we are told the flag we are looking for is in the data.txt file which houses millions of other texts. So what can we do to grab the millionth string?

From the suggested possible commands we can check what each does, let’s see what grep does, check the manual page of grep:

What do you know? Grep actually grabs the word you’re looking for in a stack of texts, it’s even got very powerful options, for now, though let’s try the basic one and see if we can grab the string we’re looking for. But we need to feed the text to grep, this can be done in two ways:

  1. Pipping: we can pipe the output of concatenation to grep, like so:

2. Redirecting the file towards the grep command:

Finally, we found the needle in the haystack:

That’s it and see you on the next one.

Thank you, Enjoy.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.