OverTheWire Bandit write-up(Level 31 → Level 32)

The current write-up that you are viewing is an ordinary write-up.

현재 보고계신 write-up은 일반 write-up 입니다.

To comply with the rule, in this write-up, I just deal with some hints related to this challenge. Here is no correct answer and no solution.

룰을 준수하기 위해, 이 문서에서는 이 챌린지와과 관련된 몇 가지 힌트만을 다룹니다. 여기에 정답과 솔루션은 없습니다.
 

For the full write-up please refer to the page below.

풀 write-up은 아래 페이지를 참고하세요. 

https://cysecguide.blogspot.com/2018/12/overthewire-bandit-write-uplevel-31.html

Bandit Level 31 → Level 32

Level Goal
There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo. The password for the user bandit31-git is the same as for the user bandit31.

레벨 목표
git 저장소는 "ssh://bandit31-git@localhost/home/bandit31-git/repo"에 있다. "bandit31-git"의 패스워드는는 "bandit31"의 패스워드와 동일하다.

Clone the repository and find the password for the next level.
그 저장소를 복사한 뒤 다음 레벨의 패스워드를 찾아라.

Commands you may need to solve this level
현재 레벨을 클리어하기 위해 필요할 것으로 생각되는 명령어.
git

I created a directory in the "/tmp" and downloaded the data through the given address.

"/tmp"에 디렉토리를 만든 후 주어진 주소를 통해 자료를 다운 받았다.

bandit31@bandit:/tmp/tmp3132$ cd ./repo
bandit31@bandit:/tmp/tmp3132/repo$ ls
README.md
bandit31@bandit:/tmp/tmp3132/repo$ cat ./README.md
This time your task is to push a file to the remote repository.

Details:
File name: key.txt
Content: 'May I come in?'
Branch: master

When I opened it, I could see the message that requires a "push a file to the remote repository". I think the contents of "Details" below should be reflected.

열어보니, 원격 저장소에 "push"를 하라는 메시지가 있다. 아래 "Details"의 내용을 반영해야 할 것으로 생각된다.

bandit31@bandit:/tmp/tmp3132/repo$ echo "May I come in?" > ./key.txt
bandit31@bandit:/tmp/tmp3132/repo$ ls
key.txt README.md
bandit31@bandit:/tmp/tmp3132/repo$ cat ./key.txt
May I come in?

bandit31@bandit:/tmp/tmp3132/repo$ git branch -a
* master
remotes/origin/HEAD -> origin/master
remotes/origin/master
bandit31@bandit:/tmp/tmp3132/repo$
bandit31@bandit:/tmp/tmp3132/repo$ git ■■■■■■■■■
The following paths are ignored by one of your .gitignore files:
key.txt
Use -f if you really want to add them.
bandit31@bandit:/tmp/tmp3132/repo$ git ■■■ -f ■■■■■■■■
bandit31@bandit:/tmp/tmp3132/repo$ git ■■■■■■ -m "key added"
[master 07e056a] key added
1 file changed, 1 insertion(+)
create mode 100644 key.txt
bandit31@bandit:/tmp/tmp3132/repo$

bandit31@bandit:/tmp/tmp3132/repo$ git ■■■■ origin ■■■■■■
Could not create directory '/home/bandit31/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit31/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit31-git@localhost's password:
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 322 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: ### Attempting to validate files... ####
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
remote: Well done! Here is the password for the next level:
remote: 56■■■■■■■78e6e■■■■■■■■■5e
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
To ssh://localhost/home/bandit31-git/repo
! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'ssh://bandit31-git@localhost/home/bandit31-git/repo'
bandit31@bandit:/tmp/tmp3132/repo$

I did what the message required and could get a password.

요구하는대로 했더니 패스워드를 받을 수 있었다.