Post

OverTheWire Bandit: Level 10 to Level 11

OverTheWire Bandit: Level 10 to Level 11

The Goal

The password is stored in data.txt as base64 encoded data. Decode it.

What I Did

Checked the man page for base64 to find the decode flag:

1
bandit10@bandit:~$ man base64

Found -d for decode. Applied it directly:

1
2
bandit10@bandit:~$ base64 -d data.txt
The password is pYfOY6HwUsDj5rL9UvyhU7MCmv8vN5Ro

Done.

What is Base64

Base64 is an encoding scheme — not encryption. The distinction matters:

  • Encryption scrambles data so it cannot be read without a key
  • Encoding converts data into a different format for transmission or storage — no key needed, anyone can decode it

Base64 converts binary data into a string of 64 printable ASCII characters: A-Z, a-z, 0-9, +, and /. The = at the end is padding to make the output a multiple of 4 characters.

It exists because many systems — email protocols, URLs, HTTP headers — were designed to handle text only. If you need to send binary data (an image, a file, raw bytes) through a text-only channel, you encode it as base64 first.

Base64 encoded data is immediately recognisable — it looks like a long string of random-looking letters and numbers, often ending in one or two = signs:

1
SGVsbG8gV29ybGQ=

That decodes to Hello World.

What I Learned

Base64 is encoding, not encryption. Seeing base64 in a real-world context doesn’t mean data is protected — it just means it was formatted for text transmission. It’s trivial to decode.

base64 -d decodes, base64 alone encodes. The default behaviour without flags is to encode. Always check the man page when you’re not sure which direction a tool goes by default.

Recognising encoding schemes matters in security. When you encounter unknown data — in a CTF, in malware analysis, in a network capture — being able to identify that something is base64 encoded is the first step to extracting what’s actually inside.

Commands Used

CommandWhat it did
man base64Found the -d flag for decoding
base64 -d data.txtDecoded the base64 content and printed the password
This post is licensed under CC BY 4.0 by the author.