Edit: Apparently I’m an idiot and did this the hard way the first time. I added a better solution.

Level Goal

The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!).

Better Solution

Password: 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

So this level is bullshit. Frankly, these sorts of challenges where you wrap a file multiple times, or encode a string multiple times, are just tedious and lame. But we shall persevere.

Firstly, let’s take their advice and create a directory under /tmp and copy data.txt to it.

I used && (and) to chain my commands. If any commands in the chain fail, all subsequent commands are cancelled. I then quickly checked to see if the copy was successful.

First thing’s first: what the hell are we dealing with?

This is a hexdump. It dumps… hex. Fortunately, we can reconstruct the file with xxd, which makes hexdumps. It handily can also reverse them.

The -r option reverses the hexdump, and the > operator tells it to output to a new file.

Let’s see what we got.

Absolute nonsense. Luckily, we can figure out what type of file we’re dealing with by… using file. This uses the magic number of the file to determine what it might be. See my Terrible Solution for a tedious manual process.

It’s gzipped. So let’s rename our file to .gz and decompress it with gunzip.

file it.

And it’s a .bz2. Decompress it with bunzip2.

file

Another .gz.

file

It’s a tar archive! Let’s rename it with a .tar extension and extract the file with tar -xf, where the tells the command to extract and the f lets us specify the file.

A file appears!

file

Another archive? Let’s do it again…

This isn’t getting tedious at all.

file

Another .bz2.

file

Extract…

file

Decompress…

file

Finally, some text. Let’s read it.

It’s over.

Yippee.

 

 

 

 

Terrible Solution

Password: 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

So this level is bullshit. Frankly, these sorts of challenges where you wrap a file multiple times, or encode a string multiple times, are just tedious and lame. But we shall persevere.

Firstly, let’s take their advice and create a directory under /tmp and copy data.txt to it.

I used && (and) to chain my commands. If any commands in the chain fail, all subsequent commands are cancelled. I then quickly checked to see if the copy was successful.

First thing’s first: what the hell are we dealing with?

This is a hexdump. It dumps… hex. Fortunately, we can reconstruct the file with xxd, which makes hexdumps. It handily can also reverse them.

The -r option reverses the hexdump, and the > operator tells it to output to a new file.

Let’s see what we got.

Absolute nonsense. Luckily, we can figure out what type of file we’re dealing with by… looking at the hexdump. Most files have a unique file signature, which is composed of hexadecimal characters. Wikipedia has a big ol’ list of them.

Let’s check the first line of our hexdump. xxd gives us the dump, and head -1 gives us the first line.

The first byte of our file is 1f. Let’s do a quick Ctrl+F of the Wikipedia page to see what we get… 4 results. Alright, with the next byte it’s 1f 8b. It’s either a .gz or a .dat. A .dat has the next two bytes 08 00… but we have 08 08. So let’s rename our file to .gz and decompress it with gunzip.

Let’s take a look.

More garbage. What does the hexdump reveal?

Let’s check Wikipedia for 42 5a… and it’s a .bz2. Decompress it with bunzip2.

Check the file…

Hexdump…

Another .gz.

Check the file…

Hexdump…

First two bytes give us nothing. 64 61 gets no matches. But looking at the hexdump, it looks like there’s a file inside. Maybe it’s an archive? Let’s rename it with a .tar extension and extract the file with tar -xf, where the tells the command to extract and the f lets us specify the file.

A file appears!

Check the file…

Hexdump…

Another archive? Let’s do it again…

This isn’t getting tedious at all.

Check the file…

Hexdump…

42 5a? Another .bz2.

Check…

Hex…

Extract…

Check…

Hex…

Decompress…

Check…

It’s over.

Yippee.