Bandit Level 10 Walkthrough
Level 9 ➔ Level 10: Sifting Gold from Binary Mud
1. My Objective
I am dealing with a file named data.txt. However, this isn't a normal text file. It is a Binary File. If I try to read it with cat, my screen will fill with weird symbols, beeping sounds, and unreadable junk. My goal is to find a human-readable password hidden inside this mess, specifically one preceded by several = characters.
The Challenge: How do I ignore the millions of "non-printable" characters and only see the actual words hidden inside?
2. The Feynman Explanation: The Sieve in the Mud
To understand how to solve this, I need to understand the difference between how a computer sees data and how I see data.
The Gold Panning Analogy:
Imagine I have a bucket full of river mud. Somewhere in that mud are five tiny gold coins. If I just look at the bucket, I only see brown sludge (the Binary Data).
I can't just pick through it with my fingers. Instead, I use a Sieve (the strings command).
- The Sieve: I pour the mud through the sieve. The water and mud fall through, but the solid coins stay on top. In Linux, strings ignores all the computer code and only shows me sequences of 4 or more characters that make sense to humans.
- The Magnet: Even after using the sieve, I might have some shiny rocks left. I use a Magnet (the grep command) to pull out exactly what I want, anything that has == on it.
3. Practical Solution
I log in as bandit9. I will combine strings and grep to find the password hidden in the binary file.
# I use 'strings' to extract text, then pipe it to 'grep' to find the equals signs
bandit9@bandit:~$ strings data.txt | grep "=="
# The output reveals the password:
========== the password is G77o9ahSAb36906sV...
How the command works:
- strings data.txt: This command scans the binary file and prints only the runs of "printable" characters. It skips the computer-only instructions that would mess up my terminal.
- | grep "==": I filter the resulting text to only show lines containing the equals characters mentioned in the mission.
🚀 My Pro Tips: Decoding Binary Files
✨ Why not just use 'grep' directly?
If I run grep "==" data.txt, it might tell me "Binary file matches." It won't show me the text because it thinks it's helping me by not printing "junk" to my screen. Using strings first is the correct way to handle binary data.
⭐ The 'strings' Minimum Length
By default, strings looks for runs of at least 4 printable characters. If I am looking for a very short word (like a 2-letter password), I can lower the minimum with the -n flag:
strings -n 2 data.txt
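What the strings | grep pipeline and the -n flag do under the hood, as an added Python sketch (not part of the original walkthrough and not the real strings source). The function names, the NUL-byte check standing in for grep's binary detection, and the SAMPLE bytes with a placeholder password are all constructed for illustration.

```python
import re

def extract_strings(data, min_len=4):
    """Return runs of at least min_len printable ASCII bytes (the 'sieve')."""
    # 0x20-0x7e is printable ASCII; this sketch also accepts tab.
    # Any other byte (NUL, DEL, newline, high bytes) ends the current run.
    pattern = re.compile(rb"[\x20-\x7e\t]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(data)]

def find_marked(data, marker="==", min_len=4):
    """Keep only the extracted strings containing the marker (the 'magnet')."""
    return [s for s in extract_strings(data, min_len) if marker in s]

def looks_binary(data):
    """Simplified stand-in for grep's check: a NUL byte means 'binary file'."""
    return b"\x00" in data

# Constructed sample: printable runs buried in non-printable bytes.
SAMPLE = (
    b"\x00\x7f\x01ab\x02\xff\x90"        # "ab" is too short for the default
    b"========== the\x00\x8a\x13"
    b"\x03xyz\x1b\x00"                   # "xyz" is too short as well
    b"========== password\x07\xfe"
    b"\x9c\x00========== is\x00"
    b"\x01\x02========== PLACEHOLDER_PASSWORD\x00\xee"
    b"\x04noise-text\x00"
)

if __name__ == "__main__":
    print("binary?", looks_binary(SAMPLE))
    print("default sieve:", extract_strings(SAMPLE))
    print("with -n 2:    ", extract_strings(SAMPLE, 2))
    for line in find_marked(SAMPLE):
        print("match:", line)
```

Lowering min_len surfaces short runs such as "ab" and "xyz", which is why -n 2 produces much noisier output on a real binary.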
🔍 Identifying Files First
Whenever I am unsure if a file is text or binary, I always run the file command first:
file data.txt
This saves me from accidentally "breaking" my terminal with a cat command on a binary file.
4. Why this matters
I use strings constantly in Malware Analysis. Hackers often hide malicious URLs or messages inside an .exe file or a compiled program. Being able to extract these strings without actually running the dangerous program is a vital safety skill for any security researcher.
I Have Extracted the Secret!
I've successfully sifted through the binary mud. I'll save this password and move on to Level 10 ➔ Level 11, where I will deal with Base64 encoding!
Tags: #Linux #Bandit #OverTheWire #StringsCommand #BinaryFiles #Grep #CyberSecurity #FeynmanTechnique #CodeWithPritom #ProTips