Recap of Last LessonWe pulled information out of a data file using the ‘strings’ command.

Bandit Level 11

Objective

Find the password to the next level

Intel Given

  • The password is stored in the file data.txt
  • The password is encoded with base64

How to

We now are looking at a file that has been obfuscated. That is the network security word for hiding the true meaning of communication. Now let me preface this, I’m not well versed in crypto or obfuscation methods. In fact if I were to look deeper into the why behind this I would be doing some extensive researching myself.

Now then, if we try to just read the file data.txt we’re presented with a bunch of garbage which is shown below.

Screen Shot 2015-01-19 at 7.47.44 PM

Our hint tells us that this data is obfuscated or hidden by a base64 type encoding. Well… as luck would have it, or a quick google in this case. *nix has a built in base64 en/decoder. We type in the command below and viola, all is revealed!

Screen Shot 2015-01-19 at 7.48.00 PM

 

Conclusion

We all reach a point where we don’t know something. Even the best hackers and network security professionals need to look for answers. Encoding and decoding are not my strong suits, and so I went to Google. Luckily for me this was a fairly complex problem and I was able to obtain the answer fairly easy. Other times I would resort to books such as the Blue Team Handbook. Whatever your resource may be, get into the habit of making your own cheat sheet and collection of resources. It will help you in the end.

Hackmethod is proud to announce Mal_Wear by HM. Exploit/Vulnerability themed nerdy t-shirts! Get them while they last. Dismiss