
Level 9 → Level 10 Walkthrough

📋 Level Information

Host: bandit.labs.overthewire.org
Port: 2220
Username: bandit9
Password: EN632PlfYiZbn3PhVK3XOGSlNInNE00t

🎯 Level Goal

The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several '=' characters.

Challenge: The file is a binary file containing both text and non-text data. You need to extract human-readable strings and find the one with multiple '=' characters.

🔧 Solution Steps

Step 1: Connect to Bandit9

Use the password from Level 8 to log in:

ssh bandit9@bandit.labs.overthewire.org -p 2220

Password: EN632PlfYiZbn3PhVK3XOGSlNInNE00t

Step 2: Check the data.txt File

First, let's see what type of file we're dealing with:

file data.txt
ls -lh data.txt

You'll see it's a binary data file, not a plain text file.

Step 3: Use strings to Extract Human-Readable Text

The strings command extracts printable character sequences from binary files:

strings data.txt

This will output many lines, most of them short runs of random bytes that happen to be printable.

Step 4: Find Lines with Multiple '=' Characters

Pipe the output to grep to find lines containing multiple equals signs:

strings data.txt | grep "===="

Step 5: Get the Password

The command will output the line containing multiple '=' characters followed by the password:

========== the*2i4"

Wait, that doesn't look right. Let's try a different approach...

Step 6: Better Pattern Matching

Look for lines that start with multiple '=' characters:

strings data.txt | grep "^===="

Or try looking for any line with several '=' characters:

strings data.txt | grep -E "={5,}"

Step 7: Success!

One of these methods will reveal the password:

========== G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s

The password for Level 10 is: G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s

🔄 Alternative Methods

Method 2: Using strings with grep for password pattern

Look for lines that might contain passwords (mix of letters and numbers):

strings data.txt | grep -E "[a-zA-Z0-9]{32}"

This matches any line containing a run of 32 letters and numbers, which is the password format.

Method 3: Manual inspection with less

You can browse through the strings output manually:

strings data.txt | less

Use /==== to search for equals signs, then navigate with arrow keys.

Method 4: Save strings to file and analyze

Save the output to a file for easier analysis:

strings data.txt > output.txt
grep "====" output.txt

💡 Explanation

This level introduces working with binary files and extracting human-readable content.

strings Command:

  • strings - Extracts printable character sequences from binary files
  • Looks for sequences of 4 or more printable characters (by default)
  • Useful for analyzing binaries, finding embedded text, or recovering text from corrupted files

grep with Regular Expressions:

  • grep "====" - Matches lines containing four consecutive equals signs anywhere in the line
  • grep "^====" - Matches lines starting with four equals signs
  • grep -E "={5,}" - Uses extended regex to find 5 or more consecutive equals signs
  • grep -E "[a-zA-Z0-9]{32}" - Matches lines containing a run of 32 alphanumeric characters
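
To see what the strings and grep steps do under the hood, here is an added example (not part of the original walkthrough) that approximates strings with tr and extracts only the token that follows the '=' marker. The function names, SAMPLE_TOKEN and the sample file are assumptions constructed for illustration; the sample is not the real data.txt.

```bash
#!/usr/bin/env bash
# Added example. SAMPLE_TOKEN and the sample file are constructed test data,
# not the contents of the real data.txt.
SAMPLE_TOKEN='AAAAbbbbCCCCddddEEEEffff00001111'   # 32 alphanumeric characters

# printable_runs FILE [MINLEN]
# Approximates `strings -n MINLEN`: every byte outside printable ASCII
# (space through ~) becomes a newline, then runs shorter than MINLEN
# (default 4, the strings default) are dropped.
printable_runs() {
    LC_ALL=C tr -c '\040-\176' '\n' < "$1" | LC_ALL=C grep -E ".{${2:-4},}"
}

# marked_token FILE
# Keeps only runs where 5+ '=' are followed by spaces and exactly 32
# alphanumeric characters, and prints the token without the marker.
marked_token() {
    printable_runs "$1" |
        LC_ALL=C sed -nE 's/.*={5,} +([A-Za-z0-9]{32})([^A-Za-z0-9].*)?$/\1/p'
}

# make_sample FILE: writes printable runs separated by non-printable bytes.
make_sample() {
    {
        printf '\001\002\377abc\000'                        # 3 chars: below MINLEN
        printf '\200\201========== the*2i4"\003'             # marker, but no token
        printf '\004xQ==\005'                               # too few '='
        printf '\376========== %s\000\007' "$SAMPLE_TOKEN"   # the line we want
        printf 'zz\n\377'
    } > "$1"
}

sample=$(mktemp)
make_sample "$sample"
printable_runs "$sample"   # three runs survive the length filter
marked_token "$sample"     # prints only the constructed token
rm -f "$sample"
```

Requiring the 32-character token after the marker is what filters out decoy lines such as the one shown in Step 5.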

Why Binary Files Contain Text:

  • Executable files often contain error messages and other text
  • Data files might have text embedded in binary formats
  • Compressed or encoded files may have readable portions

⚠️ Common Mistakes

  • Trying to cat the file: Binary files can mess up your terminal
  • Wrong grep pattern: Not using enough '=' characters in the search
  • Case sensitivity: Forgetting that grep is case-sensitive by default
  • Not using strings: Trying to grep the binary file directly (without -a, grep only reports that the binary file matches instead of printing the line)

💡 Pro Tips

  • Use strings -n 10 to only show strings of 10+ characters (reduces noise)
  • Combine with head or tail to see partial output: strings data.txt | head -20
  • Use grep -i for case-insensitive searches
  • You can use hexdump -C to view binary files in hex and ASCII
  • For very large files, save strings output to a file first