1 00:00:00,600 --> 00:00:01,100 Hi. 2 00:00:01,590 --> 00:00:08,910 Now, within this lecture, we're going to continue our Bandit CTF challenges. Now we are inside of Bandit 3 00:00:08,910 --> 00:00:13,780 nine and we're going to make our way into the level 10 right now. 4 00:00:14,400 --> 00:00:20,220 So as you can see in the tips, we see the password for the next level is again stored within the 5 00:00:20,220 --> 00:00:25,970 data.txt and it's preceded by several equal characters. 6 00:00:25,980 --> 00:00:31,680 Let's see that by going inside of the it's already in here. 7 00:00:31,680 --> 00:00:35,220 Let's just get that out and see what it contains. 8 00:00:35,910 --> 00:00:36,630 Here you go. 9 00:00:36,630 --> 00:00:38,790 It contains a lot of gibberish data. 10 00:00:38,800 --> 00:00:47,940 I believe it's not human readable in most of the cases, but there are some characters inside of this 11 00:00:47,940 --> 00:00:54,750 and it says that, yeah, it's one of the few human readable strings and preceded by the several equal 12 00:00:54,750 --> 00:00:55,410 characters. 13 00:00:55,410 --> 00:01:03,690 So all we got to do is just find the characters that's human readable after some equals signs. 14 00:01:04,020 --> 00:01:08,000 And we can actually use the same thing as we have done before. 15 00:01:08,010 --> 00:01:08,240 Right. 16 00:01:08,250 --> 00:01:15,540 We can just call the strings and grep together by piping them, combining them together like this: strings 17 00:01:15,540 --> 00:01:22,580 data.txt, then pipe them to, pipe it to grep and we're going to grep the equals sign. 18 00:01:23,100 --> 00:01:24,330 And here you go. 19 00:01:24,480 --> 00:01:28,680 I believe here is the thing that we're looking for. 20 00:01:28,980 --> 00:01:29,490 Right. 21 00:01:29,970 --> 00:01:31,560 So this should be it. 22 00:01:31,560 --> 00:01:35,190 But I'm going to test this to see if this works or not. 23 00:01:35,460 --> 00:01:36,780 I'm going to copy this. 
24 00:01:37,650 --> 00:01:41,730 And there are some other characters over here. 25 00:01:41,730 --> 00:01:48,890 But let's see, let me come over here and nano the password and let's check the length of this. 26 00:01:48,900 --> 00:01:49,770 Yeah, here you go. 27 00:01:49,920 --> 00:01:51,570 It fits perfectly. 28 00:01:51,940 --> 00:01:53,940 So I believe this is our password. 29 00:01:54,240 --> 00:02:00,510 I'm going to save this and I'm going to take that out of this one and try to log in to the next one, 30 00:02:01,020 --> 00:02:02,460 which is Bandit ten. 31 00:02:03,120 --> 00:02:09,210 And of course, we're going to test to see if this password that we have gathered is right or wrong. 32 00:02:09,570 --> 00:02:12,150 Here you go, paste the selection and hit enter. 33 00:02:12,510 --> 00:02:18,320 I'm going to clear this out and I'm going to go into the level ten. 34 00:02:19,560 --> 00:02:23,610 So this is from level ten to level eleven. 35 00:02:23,610 --> 00:02:31,740 And again, this is inside of the data that you see right now, which it contains some base64 encoded 36 00:02:31,740 --> 00:02:32,340 data. 37 00:02:32,580 --> 00:02:34,280 So let me see it first. 38 00:02:34,320 --> 00:02:38,940 So this is data and actually this is very small design, I believe. 39 00:02:39,030 --> 00:02:40,540 Yeah, six to nine bytes. 40 00:02:40,540 --> 00:02:44,310 So let me get this out and see the content. 41 00:02:44,460 --> 00:02:45,180 And here you go. 42 00:02:45,180 --> 00:02:52,080 We only have one hash over here, but it's definitely encoded with something because it's longer than 43 00:02:52,080 --> 00:02:52,980 we used to see. 44 00:02:52,980 --> 00:02:57,840 And if we just tried this to login to the level eleven, it won't work. 45 00:02:58,110 --> 00:02:59,910 Right, because it's encoded. 46 00:03:00,600 --> 00:03:10,350 So base64 is an encoding technique that we use and we can use the same thing to decode it as well. 47 00:03:10,860 --> 00:03:11,280 Right. 
48 00:03:11,280 --> 00:03:16,680 So we have to decode it and see if we can get the actual thing over here. 49 00:03:16,680 --> 00:03:19,710 Let me just run base64 dash dash help. 50 00:03:20,190 --> 00:03:27,700 So, you know, to decode a base64 encrypted text, we can use decode parameter over here or dash d 51 00:03:28,050 --> 00:03:29,810 or dash dash decode. 52 00:03:30,480 --> 00:03:33,180 So let me just try to run it like this. 53 00:03:33,180 --> 00:03:38,550 base64 dash d data.txt and here you go. 54 00:03:38,670 --> 00:03:42,900 The password is this so it's easier to decode it. 55 00:03:43,080 --> 00:03:43,620 Right. 56 00:03:44,040 --> 00:03:53,100 So I believe we're going to face some other harder encryptions during this Bandit challenge, but 57 00:03:53,100 --> 00:03:57,390 I'm going to save it for right now because we gathered our password. 58 00:03:58,110 --> 00:04:01,110 And let's go to the Bandit Eleven. 59 00:04:01,110 --> 00:04:09,500 I'm going to exit out of this one and let me connect to the Bandit Eleven over here and hit enter. 60 00:04:10,500 --> 00:04:14,430 So as you can see, it's taking its time. 61 00:04:14,430 --> 00:04:14,940 Here you go. 62 00:04:14,940 --> 00:04:19,560 It asks for the password and once we hit enter we are inside. 63 00:04:19,560 --> 00:04:19,860 Yep. 64 00:04:19,860 --> 00:04:20,400 Here we go. 65 00:04:21,000 --> 00:04:24,750 So I'm going to open the tips for level twelve. 66 00:04:24,750 --> 00:04:27,840 We're inside of eleven and we want to go to twelve. 67 00:04:28,410 --> 00:04:33,510 So the password for the next level is stored in the data.txt one more time. 68 00:04:33,690 --> 00:04:41,910 Where all lowercase and uppercase letters have been rotated by thirteen positions. 69 00:04:42,780 --> 00:04:49,350 I don't even know what it means, have been rotated by thirteen positions. 70 00:04:50,040 --> 00:04:54,720 But I believe we have to just look at ourselves in order to understand this. 
71 00:04:55,110 --> 00:04:55,590 Right. 72 00:04:56,040 --> 00:04:58,770 So let me go over here to do an ls -la. 73 00:04:59,010 --> 00:04:59,680 Here we go with. 74 00:05:00,210 --> 00:05:03,060 data.txt file, it's a simple file. 75 00:05:03,090 --> 00:05:06,210 Let me get this and yeah, here you go. 76 00:05:06,390 --> 00:05:08,010 I believe this is our 77 00:05:08,010 --> 00:05:19,740 encrypted data, so have been rotated by 13 positions and I believe this stands for the ROT encryption. 78 00:05:19,890 --> 00:05:22,580 OK, now I get what it means. 79 00:05:22,950 --> 00:05:31,460 So like base64, there's another encryption algorithm or two encryption technique that we use, OK? 80 00:05:31,770 --> 00:05:36,640 And it's actually commonly used in this kind of CTFs as well. 81 00:05:37,080 --> 00:05:45,510 So we can use some kind of tools that we see inside of Linux or we can just find an online decryption 82 00:05:45,510 --> 00:05:46,230 as well. 83 00:05:46,920 --> 00:05:48,320 So I'm going to show you what I mean. 84 00:05:48,660 --> 00:05:57,090 Let's, like, go to Google dot com and just write rotating encryption decoder, OK, rotation, encryption 85 00:05:57,090 --> 00:05:57,700 decoder. 86 00:05:57,960 --> 00:06:06,060 So if you don't even know there's something called ROT, OK, ROT13 or something like that, you 87 00:06:06,060 --> 00:06:07,380 can still find it. 88 00:06:07,440 --> 00:06:13,470 As you can see, I just Googled the rotation encryption decoder. 89 00:06:14,040 --> 00:06:23,220 So we just want to decode something that has been rotated 13 times and ROT13 is actually kind of a standard 90 00:06:23,220 --> 00:06:24,280 number over here. 91 00:06:24,560 --> 00:06:26,500 Thirteen is commonly used. 92 00:06:26,880 --> 00:06:29,350 So I'm going to try this over here, OK? 93 00:06:29,580 --> 00:06:32,750 So rotation to use your old number 13. 94 00:06:33,210 --> 00:06:33,590 Yep. 95 00:06:33,600 --> 00:06:34,250 Here you go. 
96 00:06:35,400 --> 00:06:36,810 And yep. 97 00:06:36,810 --> 00:06:37,430 13. 98 00:06:38,070 --> 00:06:43,300 So I'm going to say decrypt and let's see if this works or not. 99 00:06:44,250 --> 00:06:44,940 Yep. 100 00:06:44,940 --> 00:06:46,460 It actually works. 101 00:06:46,560 --> 00:06:50,110 We can see the password is something like this. 102 00:06:50,130 --> 00:06:57,420 OK, we can see the password over here, but we cannot see the upper case or lower case letters in this 103 00:06:57,420 --> 00:06:58,050 website. 104 00:06:58,410 --> 00:07:00,870 And I believe this is not a good website, by the way. 105 00:07:00,870 --> 00:07:08,700 You can see the user interface is a little bit strange, like a pirate website or something like that. 106 00:07:09,540 --> 00:07:19,440 We can try to say full ASCII table or we can try to change the uppercase lowercase options from here. 107 00:07:20,310 --> 00:07:23,630 But let me just copy and paste it so you can see it in a better way. 108 00:07:23,730 --> 00:07:30,180 As you can see, we get the password, but we don't actually get the uppercase lowercase letters, which 109 00:07:30,180 --> 00:07:31,380 is not good for us. 110 00:07:31,380 --> 00:07:34,100 We have to get the uppercase lowercase letters as well. 111 00:07:34,800 --> 00:07:41,510 So I believe we have to go for another direction over here, which is to find another website. 112 00:07:42,090 --> 00:07:46,800 So this is the first website that I have seen when I did this search. 113 00:07:46,800 --> 00:07:48,780 So let me go to Rottman Cipher. 114 00:07:49,470 --> 00:07:51,590 Yep, this is the same website, I believe. 115 00:07:51,720 --> 00:07:52,230 Nope. 116 00:07:52,630 --> 00:08:04,100 Um, let me just go to another website, which is 13 dot com or cryptid or the blup the blob dot org. 117 00:08:04,440 --> 00:08:04,770 Yep. 118 00:08:04,770 --> 00:08:07,820 This seems promising to let me just come over here. 119 00:08:07,950 --> 00:08:08,250 Yeah. 
120 00:08:08,280 --> 00:08:10,530 This is only for encryption I believe. 121 00:08:11,130 --> 00:08:13,830 Please enter the number to rotate. 122 00:08:13,980 --> 00:08:14,280 Yep. 123 00:08:14,280 --> 00:08:15,770 This is not what I'm looking for. 124 00:08:16,590 --> 00:08:22,760 So let me come over here to another website like cryptid dot com. 125 00:08:23,550 --> 00:08:29,930 So as you can see, I'm just trying online, OK, we will eventually find something that works. 126 00:08:30,660 --> 00:08:34,110 So let me try to get the thing over here. 127 00:08:35,340 --> 00:08:39,360 Let me copy this one more time from there, OK? 128 00:08:39,630 --> 00:08:43,560 And paste it over here and here you go. 129 00:08:43,560 --> 00:08:44,610 Now we get this. 130 00:08:44,610 --> 00:08:46,380 The translation is the password. 131 00:08:46,380 --> 00:08:47,160 Is this. 132 00:08:47,760 --> 00:08:48,720 So here you go. 133 00:08:48,720 --> 00:08:56,910 Let me just copy this and let me come over here and nano into my password.txt and save it over 134 00:08:56,910 --> 00:08:57,290 there. 135 00:08:57,720 --> 00:09:01,050 So this is a simple algorithm to encrypt the message. 136 00:09:01,200 --> 00:09:06,030 And as you can see, it took us some time to find the decryption of it. 137 00:09:06,300 --> 00:09:10,860 But right now we know that this website works bug centric. 138 00:09:11,340 --> 00:09:13,680 So let me try to see if this works or not. 139 00:09:13,680 --> 00:09:17,460 Let me try to go into the Bandit twelve, OK? 140 00:09:18,630 --> 00:09:21,450 And let me paste the thing that we have copied. 141 00:09:21,870 --> 00:09:22,740 And here you go. 142 00:09:22,740 --> 00:09:24,660 We are inside of Bandit twelve. 143 00:09:25,230 --> 00:09:27,540 So let me just close this down. 144 00:09:27,690 --> 00:09:33,360 And we have actually learned there is something called ROT13. 
145 00:09:33,570 --> 00:09:38,340 And if you come across a situation that you need to decrypt the ROT13, 146 00:09:38,550 --> 00:09:40,440 now you know what to do. 147 00:09:41,640 --> 00:09:42,990 So here we go. 148 00:09:42,990 --> 00:09:48,360 The password for the next level is stored in the file data.txt one more time. 149 00:09:49,560 --> 00:09:57,270 But again, this is something interesting, which is a hex dump of a file that has been repeatedly compressed. 150 00:09:58,050 --> 00:09:59,100 So let 151 00:09:59,170 --> 00:10:07,480 me just do an ls -la, and let me just get the data.txt. Yeah, we have this hex dump over here, 152 00:10:07,480 --> 00:10:15,490 if you have never seen this before, it's hexadecimal dump of that file of that file that we are working 153 00:10:15,490 --> 00:10:24,580 on like like a binary expression of that file, but not in a binary system, but in an hexadecimal system. 154 00:10:24,790 --> 00:10:33,790 Maybe, you know, that binary is ones and twos and hexadecimal has 16 characters rather than two characters 155 00:10:33,790 --> 00:10:37,000 like 16 numbers rather than two numbers. 156 00:10:37,270 --> 00:10:41,770 Zero one is binary and zero 15 is hexadecimal. 157 00:10:41,800 --> 00:10:45,660 So this is the hexadecimal representation of a file. 158 00:10:46,120 --> 00:10:52,090 And again, this is a file that has been repeatedly compressed. 159 00:10:52,840 --> 00:10:58,030 So this is a hard one I believe in. 160 00:10:58,030 --> 00:11:07,450 Anyway, we have to just convert this into a file and then we have to find a way to decompress the file, 161 00:11:07,690 --> 00:11:09,610 to gather the password. 162 00:11:10,210 --> 00:11:13,130 And it's not very hard. 163 00:11:13,150 --> 00:11:17,680 OK, you have to know how to create files from hexadecimal, so that's all. 164 00:11:18,340 --> 00:11:21,360 But it's saying that repeatedly compressed. 165 00:11:21,670 --> 00:11:24,010 So it's what's scaring me. 
166 00:11:24,040 --> 00:11:29,050 OK, so I'm going to stop here and do this within the next lecture.