Level Goal
The password for the next level is hidden in data.txt, which is a hexdump of a file that has been repeatedly compressed. You must revert the hexdump to binary, then decompress through each layer until you obtain an ASCII text file containing the password.
Step-by-Step Solution
1. Exit Level 11 and SSH into Level 12
After obtaining the Level 12 password from the ROT13 decoding in Level 11, exit the current session:
exit
Then connect as bandit12 using the password acquired:
ssh bandit12@bandit.labs.overthewire.org -p 22202. List and Inspect data.txt
Once logged in as bandit12, run:
ls
You will see data.txt listed. To view its contents (a hexdump), use:
cat data.txt3. Create a Temporary Working Directory
Since you cannot modify files in the home directory, create a temporary directory under /tmp using a hard-to-guess name. The command mktemp -d automatically generates a unique directory:
mkdir /tmp/tmp.lJMBrRKLqx
(In this example, /tmp/tmp.lJMBrRKLqx is the generated directory. Remember this path for subsequent steps.)
4. Copy and Revert the Hexdump to Binary
Copy data.txt into your temporary directory and revert the hexdump to binary. First, copy and rename the file:
cp data.txt /tmp/tmp.lJMBrRKLqx/data.txt
Then, convert the hexdump back to binary and save it as hexToBin.txt:
xxd -r data.txt > /tmp/tmp.lJMBrRKLqx/hexToBin.txt5. Identify Compression Format and Convert to .gz
Check the binary file’s type:
file /tmp/tmp.lJMBrRKLqx/hexToBin.txt
The output indicates “gzip compressed data.” Rename the file extension to .gz:
mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.gz6. Decompress the Gzip File
Decompress the gzip archive:
gzip -d /tmp/tmp.lJMBrRKLqx/hexToBin.gzNow check the type of the resulting file:
file /tmp/tmp.lJMBrRKLqx/hexToBin.txtThe output indicates “bzip2 compressed data.”
7. Convert to .bz2 and Decompress
Rename the file extension to .bz2:
mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.bz2Then decompress the bzip2 archive:
bzip2 -d /tmp/tmp.lJMBrRKLqx/hexToBin.bz2Check the type of the resulting file:
file /tmp/tmp.lJMBrRKLqx/hexToBin.txtThe output indicates “POSIX tar archive.”
8. Extract the First Tar Archive
Rename the file extension to .tar:
mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.tarExtract the tar archive:
tar -xf /tmp/tmp.lJMBrRKLqx/hexToBin.tar -C /tmp/tmp.lJMBrRKLqx
This produces data5.bin inside the temporary directory. Check its type:
file /tmp/tmp.lJMBrRKLqx/data5.binThe output indicates another “POSIX tar archive.”
9. Extract the Second Tar Archive
Extract data5.bin (the second tar):
tar -xf /tmp/tmp.lJMBrRKLqx/data5.bin -C /tmp/tmp.lJMBrRKLqx
This produces data6.bin. Check its type:
file /tmp/tmp.lJMBrRKLqx/data6.binThe output indicates “bzip2 compressed data.”
10. Convert data6.bin to .bz2 and Decompress
Rename data6.bin to hexToBin.bz2:
mv /tmp/tmp.lJMBrRKLqx/data6.bin /tmp/tmp.lJMBrRKLqx/hexToBin.bz2Then decompress the bzip2 archive:
bzip2 -d /tmp/tmp.lJMBrRKLqx/hexToBin.bz2Check the type of the resulting file:
file /tmp/tmp.lJMBrRKLqx/hexToBin.txtThe output indicates “POSIX tar archive.”
11. Extract the Third Tar Archive
Rename the file extension to .tar:
mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.tarExtract the tar archive:
tar -xf /tmp/tmp.lJMBrRKLqx/hexToBin.tar -C /tmp/tmp.lJMBrRKLqxNow check the type of the new file:
file /tmp/tmp.lJMBrRKLqx/hexToBin.txtThe output indicates “gzip compressed data.”
12. Convert to .gz and Decompress
Rename the file extension to .gz:
mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.gzThen decompress the gzip archive:
gzip -d /tmp/tmp.lJMBrRKLqx/hexToBin.gzCheck the type of the resulting file:
file /tmp/tmp.lJMBrRKLqx/hexToBin.txtThe output indicates “ASCII text,” which is the password. Finally, display the password:
cat /tmp/tmp.lJMBrRKLqx/hexToBin.txtSummary & Key Commands
exit: return to your local machine from Level 11.ssh bandit12@bandit.labs.overthewire.org -p 2220: connect asbandit12.ls: list files; showsdata.txt.cat data.txt: inspect the hexdump contents.mkdir /tmp/tmp.lJMBrRKLqx: create a temporary working directory.cp data.txt /tmp/tmp.lJMBrRKLqx/data.txt: copy the hexdump into the temp directory.xxd -r data.txt > /tmp/tmp.lJMBrRKLqx/hexToBin.txt: revert the hexdump to binary.file /tmp/tmp.lJMBrRKLqx/hexToBin.txt: identify compression format (gzip).mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.gz: rename to.gz.gzip -d /tmp/tmp.lJMBrRKLqx/hexToBin.gz: decompress gzip archive.file /tmp/tmp.lJMBrRKLqx/hexToBin.txt: identify compression format (bzip2).mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.bz2: rename to.bz2.bzip2 -d /tmp/tmp.lJMBrRKLqx/hexToBin.bz2: decompress bzip2 archive.file /tmp/tmp.lJMBrRKLqx/hexToBin.txt: identify format (tar).mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.tar: rename to.tar.tar -xf /tmp/tmp.lJMBrRKLqx/hexToBin.tar -C /tmp/tmp.lJMBrRKLqx: extract first tar; yieldsdata5.bin.file /tmp/tmp.lJMBrRKLqx/data5.bin: identify format (tar).tar -xf /tmp/tmp.lJMBrRKLqx/data5.bin -C /tmp/tmp.lJMBrRKLqx: extract second tar; yieldsdata6.bin.file /tmp/tmp.lJMBrRKLqx/data6.bin: identify format (bzip2).mv /tmp/tmp.lJMBrRKLqx/data6.bin /tmp/tmp.lJMBrRKLqx/hexToBin.bz2: rename to.bz2.bzip2 -d /tmp/tmp.lJMBrRKLqx/hexToBin.bz2: decompress third bzip2 archive.file /tmp/tmp.lJMBrRKLqx/hexToBin.txt: identify format (tar).mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.tar: rename to.tar.tar -xf /tmp/tmp.lJMBrRKLqx/hexToBin.tar -C /tmp/tmp.lJMBrRKLqx: extract third tar; yields a gzip file.mv /tmp/tmp.lJMBrRKLqx/hexToBin.txt /tmp/tmp.lJMBrRKLqx/hexToBin.gz: rename to.gz.gzip -d /tmp/tmp.lJMBrRKLqx/hexToBin.gz: decompress final gzip archive.file /tmp/tmp.lJMBrRKLqx/hexToBin.txt: verify ASCII text.cat /tmp/tmp.lJMBrRKLqx/hexToBin.txt: display the password (ASCII text).