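Wargames and Bash Knowledge 19
Bandit28
Level hint:
There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo via port 2220. The password for the user bandit28-git is the same as for the user bandit28. Clone the repository and find the password for the next level.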
```bash
bandit28@bandit:~$ ls -al
total 20
drwxr-xr-x 2 root root 4096 Oct 5 06:19 .
drwxr-xr-x 70 root root 4096 Oct 5 06:20 ..
-rw-r--r-- 1 root root 220 Jan 6 2022 .bash_logout
-rw-r--r-- 1 root root 3771 Jan 6 2022 .bashrc
-rw-r--r-- 1 root root 807 Jan 6 2022 .profile
```
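Create a working directory and clone the repository. The first attempt mistypes the path as rpepo and fails; the second attempt succeeds.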
```bash
bandit28@bandit:~$ mkdir /tmp/bdit29
bandit28@bandit:~$ cd /tmp/bdit29
bandit28@bandit:/tmp/bdit29$ git clone ssh://bandit28-git@localhost:2220/home/bandit28-git/rpepo
Cloning into 'rpepo'...
The authenticity of host '[localhost]:2220 ([127.0.0.1]:2220)' can't be established.
ED25519 key fingerprint is SHA256:C2ihUBV7ihnV1wUXRb4RrEcLfXC5CXlhmAAM/urerLY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Could not create directory '/home/bandit28/.ssh' (Permission denied).
Failed to add the host to the list of known hosts (/home/bandit28/.ssh/known_hosts).
 _                     _ _ _
| |__   __ _ _ __   __| (_) |_
| '_ \ / _` | '_ \ / _` | | __|
| |_) | (_| | | | | (_| | | |_
|_.__/ \__,_|_| |_|\__,_|_|\__|
This is an OverTheWire game server.
More information on http://www.overthewire.org/wargames
bandit28-git@localhost's password:
fatal: '/home/bandit28-git/rpepo' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
bandit28@bandit:/tmp/bdit29$ git clone ssh://bandit28-git@localhost:2220/home/bandit28-git/repo
Cloning into 'repo'...
The authenticity of host '[localhost]:2220 ([127.0.0.1]:2220)' can't be established.
ED25519 key fingerprint is SHA256:C2ihUBV7ihnV1wUXRb4RrEcLfXC5CXlhmAAM/urerLY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Could not create directory '/home/bandit28/.ssh' (Permission denied).
Failed to add the host to the list of known hosts (/home/bandit28/.ssh/known_hosts).
 _                     _ _ _
| |__   __ _ _ __   __| (_) |_
| '_ \ / _` | '_ \ / _` | | __|
| |_) | (_| | | | | (_| | | |_
|_.__/ \__,_|_| |_|\__,_|_|\__|
This is an OverTheWire game server.
More information on http://www.overthewire.org/wargames
bandit28-git@localhost's password:
remote: Enumerating objects: 9, done.
remote: Counting objects: 100% (9/9), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 9 (delta 2), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (9/9), done.
Resolving deltas: 100% (2/2), done.
```
Check README.md: the password is not there.
```bash
bandit28@bandit:/tmp/bdit29$ ls
repo
bandit28@bandit:/tmp/bdit29$ vf repo
vf: command not found
bandit28@bandit:/tmp/bdit29$ cd repo/
bandit28@bandit:/tmp/bdit29/repo$ ls
README.md
bandit28@bandit:/tmp/bdit29/repo$ cat README.md
# Bandit Notes
Some notes for level29 of bandit.
## credentials
- username: bandit29
- password: xxxxxxxxxx
bandit28@bandit:/tmp/bdit29/repo$ file README.md
README.md: ASCII text
```
I am too unfamiliar with git; I need to find a book to read.
```bash
bandit28@bandit:/tmp/bdit29/repo$ ls -al
total 16
drwxrwxr-x 3 bandit28 bandit28 4096 Jan 16 01:51 .
drwxrwxr-x 3 bandit28 bandit28 4096 Jan 16 01:46 ..
drwxrwxr-x 8 bandit28 bandit28 4096 Jan 16 01:46 .git
-rw-rw-r-- 1 bandit28 bandit28 111 Jan 16 01:46 README.md
bandit28@bandit:/tmp/bdit29/repo$ cd ./.git
bandit28@bandit:/tmp/bdit29/repo/.git$ ls
branches config description HEAD hooks index info logs objects packed-refs refs
bandit28@bandit:/tmp/bdit29/repo/.git$ ls -al
total 52
drwxrwxr-x 8 bandit28 bandit28 4096 Jan 16 01:46 .
drwxrwxr-x 3 bandit28 bandit28 4096 Jan 16 01:51 ..
drwxrwxr-x 2 bandit28 bandit28 4096 Jan 16 01:46 branches
-rw-rw-r-- 1 bandit28 bandit28 281 Jan 16 01:46 config
-rw-rw-r-- 1 bandit28 bandit28 73 Jan 16 01:46 description
-rw-rw-r-- 1 bandit28 bandit28 23 Jan 16 01:46 HEAD
drwxrwxr-x 2 bandit28 bandit28 4096 Jan 16 01:46 hooks
-rw-rw-r-- 1 bandit28 bandit28 137 Jan 16 01:46 index
drwxrwxr-x 2 bandit28 bandit28 4096 Jan 16 01:46 info
drwxrwxr-x 3 bandit28 bandit28 4096 Jan 16 01:46 logs
drwxrwxr-x 4 bandit28 bandit28 4096 Jan 16 01:46 objects
-rw-rw-r-- 1 bandit28 bandit28 114 Jan 16 01:46 packed-refs
drwxrwxr-x 5 bandit28 bandit28 4096 Jan 16 01:46 refs
bandit28@bandit:/tmp/bdit29/repo/.git$ cat index
▒QՕ▒n▒▒▒README.mdTREE1 0W▒}▒;_G▒#S▒
▒u([4▒▒▒4▒s▒z▒▒E▒F▒▒"Ԥ:D▒xL▒▒k\Tbandit28@bandit:/tmp/bdit29/repo/.git$
bandit28@bandit:/tmp/bdit29/repo/.git$ git show-branch
[master] fix info leak
bandit28@bandit:/tmp/bdit29/repo/.git$ git branch -vvv
* master 14f754b [origin/master] fix info leak
bandit28@bandit:/tmp/bdit29/repo/.git$ http://index
-bash: http://index: No such file or directory
bandit28@bandit:/tmp/bdit29/repo/.git$ file://index
-bash: file://index: No such file or directory
bandit28@bandit:/tmp/bdit29/repo/.git$ file://./index
-bash: file://./index: No such file or directory
bandit28@bandit:/tmp/bdit29/repo/.git$ git log
commit 14f754b3ba6531a2b89df6ccae6446e8969a41f3 (HEAD -> master, origin/master, origin/HEAD)
Author: Morla Porla <morla@overthewire.org>
Date: Thu Oct 5 06:19:41 2023 +0000
fix info leak
commit f08b9cc63fa1a4602fb065257633c2dae6e5651b
Author: Morla Porla <morla@overthewire.org>
Date: Thu Oct 5 06:19:41 2023 +0000
add missing data
commit a645bcc508c63f081234911d2f631f87cf469258
Author: Ben Dover <noone@overthewire.org>
Date: Thu Oct 5 06:19:41 2023 +0000
initial commit of README.md
bandit28@bandit:/tmp/bdit29/repo/.git$ diff --git a/README.md b/READMEmd
diff: unrecognized option '--git'
diff: Try 'diff --help' for more information.
bandit28@bandit:/tmp/bdit29/repo/.git$ git show
commit 14f754b3ba6531a2b89df6ccae6446e8969a41f3 (HEAD -> master, origin/master, origin/HEAD)
Author: Morla Porla <morla@overthewire.org>
Date: Thu Oct 5 06:19:41 2023 +0000
fix info leak
diff --git a/README.md b/README.md
index b302105..5c6457b 100644
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes for level29 of bandit.
## credentials
- username: bandit29
-- password: tQKvmcwNYcFS6vmPHIUSI3ShmsrQZK8S
+- password: xxxxxxxxxx
bandit28@bandit:/tmp/bdit29/repo/.git$
```
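Review bot: overwriting the "- password:" line in README.md with xxxxxxxxxx only changes the tip of master; the removed value is still stored in the parent blob b302105 and is printed by this very diff, so anyone who can clone the repository can read it. A follow-up commit is not a fix for a leaked credential: rotate the bandit29 password, and if the old value must also disappear, rewrite the history (or recreate the repository) so that the earlier commits no longer carry it.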
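Added example (not part of the original walkthrough): the session above recovers the password from the diff of the "fix info leak" commit, because masking a value in a later commit leaves the old value in history. The function below scans `git log -p` text for such removed credential lines; the function names, the key-name list and the sample log are assumptions constructed for illustration.

```shell
# Added example, not from the original page: report credential-looking lines
# that a commit removed. Reads `git log -p` / `git show` text on stdin and
# prints "<short commit>\t<file>\t<removed line>" for every hit.
find_removed_secrets() {
  awk '
    /^commit [0-9a-f]+/ { commit = substr($2, 1, 7); in_hunk = 0; next }
    /^diff --git /      { in_hunk = 0; next }
    /^@@ /              { in_hunk = 1; next }
    !in_hunk && /^--- / { file = $2; sub(/^a\//, "", file); next }
    in_hunk && /^-/ {
      line = substr($0, 2)
      # The key names below are an assumption of this example.
      if (tolower(line) ~ /(password|passwd|secret|token|api[_-]?key)[ \t]*[=:]/) {
        val = line
        sub(/^[^=:]*[=:][ \t]*/, "", val)
        # Skip values that are already masks (xxxx, ****) or <placeholders>.
        if (val != "" && val !~ /^([xX*]+|<[^>]*>)$/)
          printf "%s\t%s\t%s\n", commit, file, line
      }
    }
  '
}

# Constructed sample input (commit ids and the secret value are made up).
sample_log() {
  cat <<'EOF'
commit 2222222bbbbbbbbb (HEAD -> master)
    fix info leak
diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes
 - username: demo
-- password: CONSTRUCTED-not-a-real-secret
+- password: xxxxxxxxxx
commit 1111111aaaaaaaaa
    add missing data
diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes
 - username: demo
-- password: <TBD>
+- password: CONSTRUCTED-not-a-real-secret
EOF
}

sample_log | find_removed_secrets
```

On a real clone, feed it the full history with `git log -p --all | find_removed_secrets`; every hit is a credential that needs rotating, not just masking.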