Recap of Last LessonLearned about the ‘sort’ and ‘uniq’ commands and went a little further into how to use I/O redirection.

Bandit Level 10

Objective

Find the password to the next level

Intel Given

  • Password is in data.txt
  • Password is among the few lines of human-readable text that start with ‘=’

How to

Very quickly lets observe the file data.txt and notice something unique about *nix systems. If we do a ‘file *’ this will give us the file type for every file in our directory.

10.1As you can see the file type is data even though the file “extension” is .txt. This is important to note, *nix does not use file extensions to determine file type.

Previously our file was ASCII text which is why we could read it with the cat command. Try reading the file with the ‘cat’ command to see the difference. If your terminal/shell messes up you’ll need to simply type reset to get it looking normal again.

9.1You should see something like the picture above. This is normal for data type files. Fortunately for us we have a clue that tells us that even though this file is data, there is human-readable text in it.

strings is a command that that looks for ASCII text in a binary file. If you just typed ‘strings data.txt’ you would see that the ASCII text for each line is separated and returned to you in standard output (aka. shell terminal, here is another I/O primer).  Scroll through the output and see if you can find the password using the clue given.

If you have read the previous tutorials up until now you should see where this is going. Since I know the command will give me ASCII text hidden in a data file, and I know the password is after the ‘=’ character I only really need to input the command below to give me the next password.

9.2

Note: We had to do a little deductive reasoning. If you wanted to be technical the password could be K, the6, password etc. But only ONE of these options above really looks like the passwords that we’ve been using. So we’ll go with that.

Conclusion

We learned about the ‘strings’ command and how it can be used to pull ASCII out of data files. We also learned another valuable lesson. When hackers are doing recon for passwords they often times check previous passwords to look for similarities that match suspected current passwords. Behavior analysis on your target can be an invaluable piece of data. It’s also important to note that because we know this about password similarities, its a smart idea to always use strong randomly generated passwords, or even better two-factor authentication.

Hackmethod is proud to announce Mal_Wear by HM. Exploit/Vulnerability themed nerdy t-shirts! Get them while they last. Dismiss