Recap of Level 5: We learned about the file command and how to use it to find filetypes.

 

Bandit Level 6

Objective:

Find the password to the next level

Intel Given:

  • File is stored in the inhere directory
  • File has the properties of ‘human-readable and is 1033 bytes in size non-executable’

How to:

As soon as we see a unique characteristic like a specific file size we know that is something we can use to filter out some results from searches.

So here we start to see the power of *nix shell.  There are many ways to approach this problem and because I’m familiar with the command dudu is used to display file space usage and alone it won’t do much, so we need to combine a few switches that I’ve selected from the man page and combine it with another command to create a sort of filter. The switch -a will check ALL directories and files recursively (including all files below the folder that you currently reside in) and -b will display the file size in bytes. You’ll notice this give you one big list of ALL the files and their sizes. You could scroll through this list until you found the file size that you’re looking for but I’m lazy.

Input/Output redirection is a very powerful concept and I encourage you to look at this site. For our purposes I’ll briefly explain the “pipe” operator which is the | button or Shift + . What the pipe does is take the commands output from the left, and apply it to the right. To take advantage of this I’ll combine du -ab with grep 1033. It will look like this du -ab | grep 1033. For now just accept the fact that grep searches for strings (or text) and in this case it is searching for 1033 (our file size). The result that is kicked out shows us the only file that is 1033 bytes is located at ./maybehere07/.file2. Simply cat the file and you have your password.

The other method I could have used was find ./ -size 1033c which is a much simpler method. Why did I not use this method instead of the more complicated method above? Easy, I simply knew the du command off of the top of my head while I had to take a minute to search through the man page of find to get the syntax exactly right.

Conclusion:

Here we’ve found two other ways to look for more file parameters, glossed over I/O redirection and grep. grep and I/O redirection are VERY powerful tools, getting these commands down will be vital to your ability to master *nix.

Previous Level
Next Level

You were not leaving your cart just like that, right?

Enter your details below to save your shopping cart for later. And, who knows, maybe we will even send you a sweet discount code :)