🔍 OverTheWire Bandit Level 8: Searching Text with grep

Level 8 introduces grep—one of the most essential Linux commands. When you're dealing with large files containing thousands of lines, manually searching becomes impossible. The grep command lets you search for specific text patterns within files.

Level 8 teaches you:

• Using grep to search for text in files
• Understanding how pipes connect commands
• Filtering large files efficiently
• Finding specific patterns in text data

This level is where you start seeing the real power of Linux—combining simple commands to solve complex problems. This skill is essential for log analysis, data processing, and security assessments.

---

🎯 The Objective

After logging into bandit7, your goal is to find the password for Level 8. The password is stored in a text file called data.txt in your home directory, and it's located next to the word "millionth".

What Level 8 teaches:

• Using grep to search for text patterns
• Understanding how pipes (|) connect commands
• Filtering large files to find specific information
• Processing text data efficiently

The challenge: The data.txt file contains tons of data—thousands of lines with passwords and other information. You need to find the one line that contains the word "millionth" and extract the password from it.

---

🔍 Understanding the Problem

Let's start by connecting to Level 7 and seeing what we're dealing with:

sshpass -p `cat bandit7` ssh bandit7@bandit.labs.overthewire.org -p 2220

Once connected, let's check the data.txt file:

ls -la data.txt
cat data.txt | head -20

You should see many lines of data. If you try to read the entire file, you'll see thousands of lines—this would take forever to search manually.

The problem: How do you quickly find the one line that contains "millionth" among thousands of lines?

The answer: Use grep to search for the word "millionth" in the file.

---

🧠 Understanding grep

Let's dive deeper into grep, because it's incredibly useful:

What grep Does

The grep command searches for patterns in text:

grep pattern filename

What it does:

• Reads through a file line by line
• Searches for lines matching a pattern
• Outputs only the matching lines

Common usage:

grep "search term" file.txt

Using grep with Pipes

You can also pipe output from other commands into grep:

cat file.txt | grep "search term"

What this does:

• cat file.txt — Reads and outputs the file contents
• | — Pipe operator, passes output to the next command
• grep "search term" — Filters for lines containing "search term"

For Level 8: We use cat data.txt | grep "millionth" to find the line containing "millionth".

---

📋 Step-by-Step Walkthrough

Step 1: Connect to Level 7

sshpass -p `cat bandit7` ssh bandit7@bandit.labs.overthewire.org -p 2220

Step 2: Check the File

Let's see what we're working with:

ls -la data.txt
wc -l data.txt

The wc -l command counts lines. You'll see the file has many lines (possibly thousands).

Step 3: Search for "millionth"

Use grep to find the line containing "millionth":

cat data.txt | grep "millionth"

Breaking this down:

• cat data.txt — Reads the file contents
• | — Pipes the output to the next command
• grep "millionth" — Searches for lines containing "millionth"

Output: You should see one line that contains "millionth" and the password next to it. It might look something like:

millionth       CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9

Step 4: Extract the Password

The password is the string next to "millionth". Copy that entire string—that's your password for Level 8.

Step 5: Save the Password

Copy the password and save it:

On Linux/macOS:

echo "PASSWORD_HERE" > bandit8

On Windows (PowerShell):

"PASSWORD_HERE" | Out-File -FilePath bandit8 -NoNewline

Step 6: Connect to Level 8

sshpass -p `cat bandit8` ssh bandit8@bandit.labs.overthewire.org -p 2220

---

💡 Understanding Pipes

Let's dive deeper into pipes, because they're fundamental to Linux:

How Pipes Work

The pipe (|) connects commands together:

command1 | command2

What it does:

• Takes output from command1
• Feeds it as input to command2
• Allows you to chain multiple commands

For Level 8:

cat data.txt | grep "millionth"

This:

1. cat reads data.txt and outputs all lines
2. The pipe (|) passes those lines to grep
3. grep filters for lines containing "millionth"
4. Only matching lines are displayed

Why Pipes Are Powerful

Pipes let you:

• Chain commands — Combine simple commands to solve complex problems
• Process data — Filter, sort, and transform data in one line
• Avoid temporary files — No need to save intermediate results
• Work efficiently — Process data as it streams

Example: Count lines containing "error":

cat logfile.txt | grep "error" | wc -l

---

🛠️ Alternative Methods

Here are different ways to find the password:

Method 1: cat | grep (Recommended)

cat data.txt | grep "millionth"

Pros: Simple, efficient, standard approach Cons: None really

Method 2: grep Directly

grep "millionth" data.txt

Pros: Simpler syntax, no pipe needed Cons: None really (this is actually preferred when you have a filename)

Note: Both methods work the same. When you have a filename, you can use grep directly. Pipes are useful when you're chaining multiple commands.

Method 3: Using less with Search

less data.txt
# Then press / and type "millionth" to search

Pros: Interactive, can browse the file Cons: Slower, requires manual searching

Method 4: Manual Search (Not Recommended)

cat data.txt
# Manually scroll through thousands of lines...

Pros: Simple, no new commands Cons: Extremely slow, error-prone, nearly impossible

For Level 8, use Method 1 or 2 — they're both efficient and teach you valuable skills.

---

🔒 Real-World Context

Why does this matter in penetration testing?

In real security assessments, you'll constantly use grep to search through files:

1. Log File Analysis

Log files often contain:

• Access attempts
• Error messages
• User activity
• Security events

Example: Finding failed login attempts:

cat /var/log/auth.log | grep "Failed password"

2. Configuration File Analysis

Configuration files might contain:

• Credentials
• API keys
• Connection strings
• Security settings

Example: Finding password references:

grep -i "password" /etc/*.conf

3. Code Analysis

When analyzing source code, you might search for:

• Hardcoded credentials
• API endpoints
• Security vulnerabilities
• Sensitive data

Example: Finding hardcoded passwords:

grep -r "password" /var/www/html/

4. Data Processing

When processing data dumps, you might need to:

• Find specific entries
• Filter by patterns
• Extract relevant information

Example: Finding specific user data:

cat userdump.txt | grep "admin"

5. Combining with Other Tools

Real-world analysis often combines multiple tools:

Example: Finding and counting errors:

cat logfile.txt | grep "error" | wc -l

Example: Finding unique IP addresses:

cat access.log | grep "GET" | awk '{print $1}' | sort | uniq

The skill you're learning: How to efficiently search for specific text in files. This is essential when:

• Analyzing log files
• Searching configuration files
• Processing data dumps
• Finding credentials or sensitive data
• Filtering large amounts of text

---

🚨 Common Mistakes

Mistake 1: Case Sensitivity

Wrong:

cat data.txt | grep "Millionth"
# Won't find "millionth" (case-sensitive)

Right:

cat data.txt | grep "millionth"
# Or use -i for case-insensitive: grep -i "millionth"

Why: grep is case-sensitive by default. "millionth" and "Millionth" are different. Use -i flag for case-insensitive search if needed.

Mistake 2: Wrong Pattern

Wrong:

cat data.txt | grep "million"
# Might match multiple lines (millionth, millions, etc.)

Right:

cat data.txt | grep "millionth"
# Exact word match

Why: Be specific with your search pattern. "million" might match "millionth", "millions", "millionaire", etc.

Mistake 3: Not Understanding the Output

Confusion: "I see the line with 'millionth' but don't know which part is the password."

Clarification:

• The entire line is shown
• The password is the string next to "millionth"
• It's usually separated by spaces or tabs
• Copy the entire password string (the long random characters)

For Level 8: The password is the string that appears on the same line as "millionth".

Mistake 4: Reading the Entire File First

Wrong:

cat data.txt
# Outputs thousands of lines, then you manually search

Right:

cat data.txt | grep "millionth"
# Filters immediately, shows only matching line

Why: grep filters as it reads, so you only see relevant lines. Reading the entire file first is inefficient.

Mistake 5: Not Using Pipes When Needed

Wrong:

cat data.txt
grep "millionth"
# grep has no input!

Right:

cat data.txt | grep "millionth"
# Pipe connects the commands

Why: When chaining commands, you need the pipe (|) to pass output from one command to the next.

---

💻 Practice Exercise

Try these to reinforce what you learned:

1. Search for text in a file:

   echo -e "line1\nline2\nline3" > test.txt
   grep "line2" test.txt
   

2. Use pipes:

   cat test.txt | grep "line"
   

3. Case-insensitive search:

   echo -e "Hello\nhello\nHELLO" > test.txt
   grep -i "hello" test.txt
   

4. Count matching lines:

   cat test.txt | grep "line" | wc -l
   

5. Clean up:

   rm test.txt
   

---

🎓 Understanding grep Options

This is a good time to understand common grep options:

Common grep Options

-i — Case-insensitive search

grep -i "error" file.txt
# Matches "error", "Error", "ERROR", etc.

-v — Invert match (show lines that DON'T match)

grep -v "error" file.txt
# Shows all lines except those containing "error"

-n — Show line numbers

grep -n "error" file.txt
# Shows line number with each match

-r — Recursive search (search in directories)

grep -r "password" /etc/
# Searches all files in /etc/ recursively

-c — Count matches

grep -c "error" file.txt
# Shows count of matching lines

For Level 8: Basic grep is sufficient, but these options are useful for more complex searches.

---

🔗 What's Next?

Level 9 introduces another text processing challenge—finding unique lines in a file. You'll learn to use sort and uniq together to find lines that appear only once, which is essential for data analysis.

Before moving on, make sure you:

• ✅ Successfully used grep to search for "millionth"
• ✅ Understand how pipes connect commands
• ✅ Can extract the password from the grep output
• ✅ Know the difference between grep pattern file and cat file | grep pattern
• ✅ Understand how grep filters text

---

📚 Key Takeaways

After completing Level 8, you should understand:

1. grep command — Searches for text patterns in files
2. Pipes (|) — Connect commands together, passing output as input
3. Text filtering — Using grep to filter large files
4. Command chaining — Combining cat and grep to process data
5. Pattern matching — grep searches for patterns, not just exact text

---

🎯 Quick Reference

Problem	Solution	Example
Search for text	Use grep	grep "pattern" file
Pipe to grep	Use |	cat file | grep "pattern"
Case-insensitive	Use -i	grep -i "pattern" file
Show line numbers	Use -n	grep -n "pattern" file
Count matches	Use -c	grep -c "pattern" file

---

Questions about Level 8 or using grep? Reach out directly:

• Email: m1k3@msquarellc.net
• Phone: (559) 670-3159
• Schedule: Book a free consultation

---

M Square LLC
Cybersecurity | Penetration Testing | No-Nonsense Advice