关卡提示:有一个git存储库位于ssh://bandit29-git@localhost/home/bandit29 git/repo通过端口2220。用户bandit29git的密码与用户bandit29的密码相同。
克隆存储库并查找下一级别的密码。
创建目录 克隆
bandit29@bandit:~$ ls -al
total 20
drwxr-xr-x 2 root root 4096 Oct 5 06:19 .
drwxr-xr-x 70 root root 4096 Oct 5 06:20 ..
-rw-r--r-- 1 root root 220 Jan 6 2022 .bash_logout
-rw-r--r-- 1 root root 3771 Jan 6 2022 .bashrc
-rw-r--r-- 1 root root 807 Jan 6 2022 .profile
bandit29@bandit:~$ mkdir /tmp/bdit29
bandit29@bandit:~$ cd /tmp/bdit29
bandit29@bandit:/tmp/bdit29$ git clone ssh://bandit29-git@localhost:2220/home/bandit29-git/repo
Cloning into 'repo'...
The authenticity of host '[localhost]:2220 ([127.0.0.1]:2220)' can't be established.
ED25519 key fingerprint is SHA256:C2ihUBV7ihnV1wUXRb4RrEcLfXC5CXlhmAAM/urerLY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Could not create directory '/home/bandit29/.ssh' (Permission denied).
Failed to add the host to the list of known hosts (/home/bandit29/.ssh/known_hosts).
_ _ _ _
| |__ __ _ _ __ __| (_) |_
| '_ \ / _` | '_ \ / _` | | __|
| |_) | (_| | | | | (_| | | |_
|_.__/ \__,_|_| |_|\__,_|_|\__|
This is an OverTheWire game server.
More information on http://www.overthewire.org/wargames
bandit29-git@localhost's password:
remote: Enumerating objects: 16, done.
remote: Counting objects: 100% (16/16), done.
remote: Compressing objects: 100% (11/11), done.
remote: Total 16 (delta 2), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (16/16), done.
Resolving deltas: 100% (2/2), done.
bandit29@bandit:/tmp/bdit29$ ls -al
total 408
drwxrwxr-x 3 bandit29 bandit29 4096 Jan 17 09:02 .
drwxrwx-wt 559 root root 405504 Jan 17 09:03 ..
drwxrwxr-x 3 bandit29 bandit29 4096 Jan 17 09:03 repo
bandit29@bandit:/tmp/bdit29$ cd repo
查看README,获得提示:生产分支没有密码
bandit29@bandit:/tmp/bdit29/repo$ ls
README.md
bandit29@bandit:/tmp/bdit29/repo$ ls -al
total 16
drwxrwxr-x 3 bandit29 bandit29 4096 Jan 17 09:03 .
drwxrwxr-x 3 bandit29 bandit29 4096 Jan 17 09:02 ..
drwxrwxr-x 8 bandit29 bandit29 4096 Jan 17 09:03 .git
-rw-rw-r-- 1 bandit29 bandit29 131 Jan 17 09:03 README.md
bandit29@bandit:/tmp/bdit29/repo$ cat README.md
# Bandit Notes
Some notes for bandit30 of bandit.
## credentials
- username: bandit30
- password: <no passwords in production!>
查看分支历史
bandit29@bandit:/tmp/bdit29/repo$ git log --oneline --decorate --graph --all
* 1d160de (origin/dev) add data needed for development
* 73d0f76 add gif2ascii
| * 07b750d (origin/sploits-dev) add some silly exploit, just for shit and giggles
|/
* 4364630 (HEAD -> master, origin/master, origin/HEAD) fix username
* fca34dd initial commit of README.md
bandit29@bandit:/tmp/bdit29/repo/.git$ git remote show origin
The authenticity of host '[localhost]:2220 ([127.0.0.1]:2220)' can't be established.
ED25519 key fingerprint is SHA256:C2ihUBV7ihnV1wUXRb4RrEcLfXC5CXlhmAAM/urerLY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Could not create directory '/home/bandit29/.ssh' (Permission denied).
Failed to add the host to the list of known hosts (/home/bandit29/.ssh/known_hosts).
_ _ _ _
| |__ __ _ _ __ __| (_) |_
| '_ \ / _` | '_ \ / _` | | __|
| |_) | (_| | | | | (_| | | |_
|_.__/ \__,_|_| |_|\__,_|_|\__|
This is an OverTheWire game server.
More information on http://www.overthewire.org/wargames
bandit29-git@localhost's password:
* remote origin
Fetch URL: ssh://bandit29-git@localhost:2220/home/bandit29-git/repo
Push URL: ssh://bandit29-git@localhost:2220/home/bandit29-git/repo
HEAD branch: master
Remote branches:
dev tracked
master tracked
sploits-dev tracked
Local branch configured for 'git pull':
master merges with remote master
Local ref configured for 'git push':
master pushes to master (up to date)
切换分支
bandit29@bandit:/tmp/bdit29/repo/.git$ git checkout dev
fatal: this operation must be run in a work tree
bandit29@bandit:/tmp/bdit29/repo/.git$ cd ..
bandit29@bandit:/tmp/bdit29/repo$ git checkout dev
Branch 'dev' set up to track remote branch 'dev' from 'origin'.
Switched to a new branch 'dev'
bandit29@bandit:/tmp/bdit29/repo$ ls
code README.md
bandit29@bandit:/tmp/bdit29/repo$ cat README.md
# Bandit Notes
Some notes for bandit30 of bandit.
## credentials
- username: bandit30
- password: xbhV3HpNGlTIdnjUrdAlPzc2L6y9EOnS