1. Bandit28 목표
There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo via the port 2220.
The password for the user bandit28-git is the same as for the user bandit28.
Clone the repository and find the password for the next level.
Commands you may need to solve this level
git
2. Bandit28 구현
# 비밀번호 root 입력 접속
ssh -oStrictHostKeyChecking=no root@localhost -p 2220
useradd bandit29 && echo -e "4pT1t5DENaYuqnqvadYs1oE4QLCdjmJ7\n4pT1t5DENaYuqnqvadYs1oE4QLCdjmJ7" | passwd bandit29
chmod 755 /home/bandit29
chown root:root /home/bandit29
chown -R root:root /home/bandit29/.[!.]*
echo 4pT1t5DENaYuqnqvadYs1oE4QLCdjmJ7 > /etc/bandit_pass/bandit29
chown bandit29:bandit29 /etc/bandit_pass/bandit29
chmod 400 /etc/bandit_pass/bandit29
useradd bandit28-git && echo -e "Yz9IpL0sBcCeuG7m9uQFt8ZNpS4HZRcN\nYz9IpL0sBcCeuG7m9uQFt8ZNpS4HZRcN" | passwd bandit28-git
chmod 750 /home/bandit28-git
mkdir -p /home/bandit28-git/repo
chmod 775 /home/bandit28-git/repo
git init --bare /home/bandit28-git/repo
chown -R bandit28-git:bandit28-git /home/bandit28-git/repo
chsh -s /usr/bin/git-shell bandit28-git
TMP_DIR=$(mktemp -d)
cd $TMP_DIR
# Yz9IpL0sBcCeuG7m9uQFt8ZNpS4HZRcN
# 패스워드 입력
GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git clone ssh://bandit28-git@localhost:2220/home/bandit28-git/repo
cd $TMP_DIR/repo
cat <<'README' > $TMP_DIR/repo/README.md
# Bandit Notes
Some notes for level29 of bandit.
## credentials
- username: bandit29
- password: <TBD>
README
chmod 664 $TMP_DIR/repo/README.md
chown bandit28:bandit28 $TMP_DIR/repo/README.md
git add $TMP_DIR/repo/README.md
git config user.email "noone@overthewire.org"
git config user.name "Ben Dover"
git commit -m "initial commit of README.md"
sed -i 's/<TBD>/4pT1t5DENaYuqnqvadYs1oE4QLCdjmJ7/' $TMP_DIR/repo/README.md
git add $TMP_DIR/repo/README.md
git config user.email "morla@overthewire.org"
git config user.name "Morla Porlar"
git commit -m "add missing data"
sed -i 's/4pT1t5DENaYuqnqvadYs1oE4QLCdjmJ7/xxxxxxxxxx/' $TMP_DIR/repo/README.md
git add $TMP_DIR/repo/README.md
git commit -m "fix info leak"
# Yz9IpL0sBcCeuG7m9uQFt8ZNpS4HZRcN
# 패스워드 입력
GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git push
3. Bandit28 문제풀의
# bandit28 로 설정한 패스워드를 입력하여 접속한다.
# Yz9IpL0sBcCeuG7m9uQFt8ZNpS4HZRcN
ssh -oStrictHostKeyChecking=no bandit28@localhost -p 2220
TMP_DIR=$(mktemp -d)
cd $TMP_DIR
# Yz9IpL0sBcCeuG7m9uQFt8ZNpS4HZRcN
# 패스워드 입력
GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git clone ssh://bandit28-git@localhost:2220/home/bandit28-git/repo .
# 패스워드 확인
git log -p -- $TMP_DIR/README.md | grep password | awk '{if (length($3) == 32) print $3}' | uniq'Wargame > Bandit' 카테고리의 다른 글
| [ Docker ] Bandit Wargame 만들기 - 30번 문제 ( 31 / 33 ) (0) | 2024.09.05 |
|---|---|
| [ Docker ] Bandit Wargame 만들기 - 29번 문제 ( 30 / 33 ) (0) | 2024.06.24 |
| [ Docker ] Bandit Wargame 만들기 - 27번 문제 ( 28 / 33 ) (0) | 2024.06.21 |
| [ Docker ] Bandit Wargame 만들기 - 26번 문제 ( 27 / 33 ) (0) | 2024.06.21 |
| [ Docker ] Bandit Wargame 만들기 - 25번 문제 ( 26 / 33 ) (0) | 2024.06.20 |