The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)
解密
bandit12@bandit:~$ mktemp -d
/tmp/tmp.NXvJ0vbt5I
bandit12@bandit:~$ cp data.txt /tmp/tmp.NXvJ0vbt5I/
bandit12@bandit:~$ cd /tmp/tmp.NXvJ0vbt5I/
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data.txt
data.txt: ASCII text
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ xxd -r data.txt > data1
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data1
data1: gzip compressed data, was "data2.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ xxd -r data.txt > data1.gz
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ gzip -d data1.gz
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data1
data1: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ bzip2 -d data1
bzip2: Can't guess original name for data1 -- using data1.out
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data1.out
data1.out: gzip compressed data, was "data4.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ mv data1.out data1.gz
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ gzip -d data1.gz
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ ls
data1 data.txt
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data1
data1: POSIX tar archive (GNU)
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ tar -xf data1
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ ls
data1 data5.bin data.txt
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data5.bin
data5.bin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ tar -xf data5.bin
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ ls
data1 data5.bin data6.bin data.txt
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data6.bin
data6.bin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ bzip2 -d data6.bin
bzip2: Can't guess original name for data6.bin -- using data6.bin.out
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ ls
data1 data5.bin data6.bin.out data.txt
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data6.bin.out
data6.bin.out: POSIX tar archive (GNU)
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ tar -xf data6.bin.out
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ ls
data1 data5.bin data6.bin.out data8.bin data.txt
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data8.bin
data8.bin: gzip compressed data, was "data9.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ mv data8.bin data8.gz
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ gzip -d data8.gz
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ ls
data1 data5.bin data6.bin.out data8 data.txt
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ file data8
data8: ASCII text
bandit12@bandit:/tmp/tmp.NXvJ0vbt5I$ cat data8
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
知识点
-
mktemp -d
在/tmp/
下创建随机名称目录; -
xxd -r
逆向文件,从十六进制文件逆向回之前的文件; -
gzip -d
解压gz压缩文件; -
bzip2
解压bzip2压缩文件; -
tar -xf
解包tar打包文件; - IMPORTANT: PATIENCE