Login

  • ssh : ssh bandit12@bandit.labs.overthewire.org -p 2220
  • password : 7x16WNeHIi5YkIhWsfFIqoognUTyj9Q4

Task :

  • decompress a heavily compressed file to reach the password

Theory

Hexdumps are often used to look at data that cannot be represented as readable text, where it is easier to look at the hex values instead. A hexdump has three main columns. The first shows the address, the second the hex representation of the data at that address, and the last shows the actual data as text (with ‘.’ standing in for bytes that cannot be represented as a printable character). Many hex editors exist; just pick the one you like most.

On the command line, xxd can be used. xxd <input_file> <output_file> creates a hexdump. With the -r flag, it reverts a hexdump back to the original data.

Hexdumps can be used to figure out the type of a file. Each file type has a magic number/file signature. You can find lists of these file signatures online. The file command, which was introduced in Level 5, also uses this method (and more beyond that). This is especially important to know because files sometimes have a wrong file ending, or none at all, to identify their type.

Compression is a method of encoding that aims to reduce the original size of a file without losing information (or only losing as little as possible).

  • gzip is a command to compress or decompress (-d) files. A ‘gzip’ file generally ends with .gz.
  • bzip2 is another command which allows for compressing and decompressing (-d) files. A ‘bzip2’ file generally ends with .bz2.

An Archive File is a file that contains one or multiple files and their metadata. This can allow easier portability.

  • tar is a command that creates archive files (-cf). It also allows extracting these files again (-xf). A tar archive generally ends with .tar.
    • x : tells the command to extract the files
    • v : shows the progress (optional, useful when there are many files)
    • f : tells the command that the next argument is the archive file

Solution

  • First of all, I reversed the hexdump into a binary file (here named data.bin) with the command
xxd -r data.txt data.bin

Then, whatever result I got, I used the file command to check its type, renamed it with mv to add the correct extension, and decompressed it with the matching tool:

  • gzip : use the command gunzip or gzip -d
  • tar : use the command tar -xvf
  • bzip2 : use the command bzip2 -d

After several files you get a text file which contains the password.
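
The identify-and-unwrap loop above can also be automated. The following is an added Python example, not part of the original write-up: it reverses an xxd-style dump, identifies each layer by its magic number as described in the Theory section, and unwraps gzip, bzip2 and tar layers in memory. All function names are illustrative, and build_sample creates a constructed input that stands in for data.txt.

```python
import bz2, gzip, io, tarfile
# Magic numbers as (offset, signature, type); tar's "ustar" sits at offset 257.
MAGIC = [(0, b"\x1f\x8b", "gzip"), (0, b"BZh", "bzip2"), (257, b"ustar", "tar")]

def xxd_reverse(dump: str) -> bytes:
    """Rebuild bytes from default xxd output: 'offset: hex groups  ascii'."""
    out = bytearray()
    for line in dump.splitlines():
        if ":" in line:
            hex_part = line.split(":", 1)[1].lstrip().split("  ", 1)[0]
            out += bytes.fromhex(hex_part.replace(" ", ""))
    return bytes(out)

def identify(data: bytes) -> str:
    for offset, sig, kind in MAGIC:
        if data[offset:offset + len(sig)] == sig:
            return kind
    return "data"

def peel(data: bytes, max_layers: int = 32):
    """Unwrap layers until no known signature matches; returns (layers, data)."""
    layers = []
    while len(layers) < max_layers:
        kind = identify(data)
        if kind == "gzip":
            data = gzip.decompress(data)
        elif kind == "bzip2":
            data = bz2.decompress(data)
        elif kind == "tar":
            # Read the first regular file in memory; nothing is written to disk.
            with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tar:
                data = tar.extractfile(next(m for m in tar if m.isfile())).read()
        else:
            return layers, data
        layers.append(kind)
    raise ValueError("layer limit reached")

def build_sample(secret: bytes) -> str:
    """Constructed input: secret -> gzip -> bzip2 -> tar -> gzip -> hexdump."""
    buf, inner = io.BytesIO(), bz2.compress(gzip.compress(secret))
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("layer.bin")
        info.size = len(inner)
        tar.addfile(info, io.BytesIO(inner))
    blob, rows = gzip.compress(buf.getvalue()), []
    for off in range(0, len(blob), 16):
        row = blob[off:off + 16]
        groups = " ".join(row[i:i + 2].hex() for i in range(0, len(row), 2))
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in row)
        rows.append(f"{off:08x}: {groups:<39}  {text}")
    return "\n".join(rows)
```

Calling peel(xxd_reverse(build_sample(b"constructed-secret\n"))) returns the list of layer types in the order they were removed, together with the recovered bytes.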