← Back to Home

OverTheWire Bandit: Level 9 → Level 10

Technical Note

Context

Just because a file has a .txt extension doesn’t mean it’s plain text. Sometimes (like in this level), the file serves as a container for binary data mixed with hidden text segments.

Attempts to read such a file with cat result in garbage output—strange symbols, beeps, and unreadable characters. To make sense of this, we need a tool that extracts only the printable character sequences (strings) from the binary noise. That tool is strings.

Goal

The password is in data.txt, but the file is binary. The hint states that the password is preceded by several equal (=) signs.

Solution

First, let’s verify the file type:

file data.txt
# data.txt: data

Linux confirms it’s just raw “data”, not text.

Now, let’s extract the readable parts using strings and filter for the hint (=) using grep:

strings data.txt | grep "===="

Command Breakdown:

  1. strings data.txt: Prints all displayable character sequences found in the file.
  2. |: Pipes the output to the next command.
  3. grep "====": Filters for lines containing multiple equal signs.

Output:

========== the*
========== password
========== is
========== G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s

The password is revealed clearly.

Key Takeaways

  1. The strings Command: Primarily used to extract embedded text (like error messages, variable names, or hidden secrets) from compiled executables or binary files. It is a fundamental tool in Reverse Engineering.
← Previous Post
OverTheWire Bandit: Level 8 → Level 9
Next Post →
OverTheWire Bandit: Level 10 → Level 11