OverTheWire Bandit: Level 10 → Level 11

Context

Sometimes it’s difficult to store or transmit raw binary data. To solve this, we use a method that converts this data into an ASCII character set (letters and numbers): Base64.

Base64 encoded text is usually recognizable by its alphanumeric characters and one or two equal signs (=) at the end (padding).

Important: Base64 is an encoding method, not encryption. It does not provide security; anyone can reverse it without a secret key.

Goal

The data.txt file is Base64 encoded. We need to decode it to retrieve the password hidden inside.

Solution

First, let’s peek at the file content:

cat data.txt
# VGhlIHBhc3N3b3J... (gibberish text)

We see a pile of meaningless characters, likely ending with =. To decode this, we will use the base64 command with the -d (decode) flag:

base64 -d data.txt

Command Breakdown:

1. base64: Linux’s standard encoding/decoding tool.
2. -d: Enables “Decode” mode. By default, it encodes.
3. data.txt: The input file.

Output:

The password is: 6zPeziLdR2RKNdNYFNb6nVCKzphlXHBM

The password appears in plain text. As you can see, encoding something in Base64 doesn’t make it safe; it just changes its format.

Key Takeaways

1. Base64 Encoding: A method used to represent binary data in text format. Common in email attachments and web applications.
2. base64 -d: Reverts encoded data back to its original form.