The current write-up that you are viewing is an ordinary write-up.
현재 보고계신 write-up은 일반 write-up 입니다.
To comply with the rule, in this write-up, I just deal with some hints related to this challenge. Here is no correct answer and no solution.
룰을 준수하기 위해, 이 문서에서는 이 챌린지와과 관련된 몇 가지 힌트만을 다룹니다. 여기에 정답과 솔루션은 없습니다.
For the full write-up PDF please refer to the Facebook page WARGAMER.
풀 write-up PDF는 페이스북 페이지 WARGAMER를 참고하세요.
WARGAMER(Link)
Bandit Level 29 → Level 30
Level Goal
There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29.
레벨 목표
git 저장소는 "sssh://bandit29-git@localhost/home/bandit29-git/repo"에 있다. "bandit29-git"의 패스워드는는 "bandit29"의 패스워드와 동일하다.
Clone the repository and find the password for the next level.
그 저장소를 복사한 뒤 다음 레벨의 패스워드를 찾아라.
Commands you may need to solve this level
현재 레벨을 클리어하기 위해 필요할 것으로 생각되는 명령어.
git
Level Goal
There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29.
레벨 목표
git 저장소는 "sssh://bandit29-git@localhost/home/bandit29-git/repo"에 있다. "bandit29-git"의 패스워드는는 "bandit29"의 패스워드와 동일하다.
Clone the repository and find the password for the next level.
그 저장소를 복사한 뒤 다음 레벨의 패스워드를 찾아라.
Commands you may need to solve this level
현재 레벨을 클리어하기 위해 필요할 것으로 생각되는 명령어.
git
bandit29@bandit:/tmp/mytmp59$ git clone ssh://bandit29-git@localhost/home/bandit29-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit29/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit29/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit29-git@localhost's password:
remote: Counting objects: 16, done.
remote: Compressing objects: 100% (11/11), done.
remote: Total 16 (delta 2), reused 0 (delta 0)
Receiving objects: 100% (16/16), done.
Resolving deltas: 100% (2/2), done.
bandit29@bandit:/tmp/mytmp59$
bandit29@bandit:/tmp/mytmp59$ ls -al
total 1124
drwxr-sr-x 3 bandit29 root 4096 Dec 9 13:45 .
drwxrws-wt 20601 root root 1138688 Dec 9 13:47 ..
drwxr-sr-x 3 bandit29 root 4096 Dec 9 13:45 repo
Cloning into 'repo'...
Could not create directory '/home/bandit29/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit29/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit29-git@localhost's password:
remote: Counting objects: 16, done.
remote: Compressing objects: 100% (11/11), done.
remote: Total 16 (delta 2), reused 0 (delta 0)
Receiving objects: 100% (16/16), done.
Resolving deltas: 100% (2/2), done.
bandit29@bandit:/tmp/mytmp59$
bandit29@bandit:/tmp/mytmp59$ ls -al
total 1124
drwxr-sr-x 3 bandit29 root 4096 Dec 9 13:45 .
drwxrws-wt 20601 root root 1138688 Dec 9 13:47 ..
drwxr-sr-x 3 bandit29 root 4096 Dec 9 13:45 repo
I created the "mytmp59" directory in the "tmp" directory and downloaded the data from the given repository. I noticed that the "repo" directory was created.
"tmp" 디렉토리에 "mytmp59" 디렉토리를 생성 후, 그곳에 주어진 저장소의 자료를 다운로드 받았다. "repo" 디렉토리가 생겨난 것을 알 수 있었다.
# Bandit Notes
Some notes for bandit30 of bandit.
## credentials
- username: bandit30
- password: <no passwords in production!>
Some notes for bandit30 of bandit.
## credentials
- username: bandit30
- password: <no passwords in production!>
In the "repo", there is two files. As with the previous level, there was no password when I opened it. Instead there is a message.
"repo" 내부에는 두 개의 파일이 있다. 이전 레벨과 마찬가지로 열었을 때 패스워드는 없었다. 패스워드는 생산되지 않았다고 기록되어있다.
There was a record of the change of the username, but there was no record of the password.
유저 네임이 변경된 기록은 있지만 패스워드에 대한 기록은 없었다.
Next, I checked the past commit history.
다음으로, 과거 커밋 이력을 점검해보았다.
The log that I checked is the log for the ■■■■■■ branch, so I might need to check the logs ■■■■■■■■■■■■■■■ as well.
확인한 로그는 ■■■■■■ 브랜치에 대한 로그이며, ■■■■■■■■■ 로그도 확인할 필요가 있을 것 같다.
bandit29@bandit:/tmp/mytmp59/repo$ git ■■■■■■ ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■
commit ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■
Author: Morla Porla <morla@overthewire.org>
Date: Tue Oct 16 14:00:41 2018 +0200
add data needed for development
diff --git a/README.md b/README.md
index 1af21d3..39b87a8 100644
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes for bandit30 of bandit.
## credentials
- username: bandit30
-- password: <no passwords in production!>
+- password: 5b■■■■■■■■■c04c■■■■■■■■■■■■42faf
bandit29@bandit:/tmp/mytmp59/repo$
bandit29@bandit:/tmp/mytmp59/repo$
commit ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■
Author: Morla Porla <morla@overthewire.org>
Date: Tue Oct 16 14:00:41 2018 +0200
add data needed for development
diff --git a/README.md b/README.md
index 1af21d3..39b87a8 100644
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes for bandit30 of bandit.
## credentials
- username: bandit30
-- password: <no passwords in production!>
+- password: 5b■■■■■■■■■c04c■■■■■■■■■■■■42faf
bandit29@bandit:/tmp/mytmp59/repo$
bandit29@bandit:/tmp/mytmp59/repo$
When I checked the contents of the ■■■■■■■■■, I could see the change history of the password information.
■■■■■■■■■의 내용을 확인해보니 패스워드 정보의 변경 이력을 확인할 수 있었다.