OverTheWire: Bandit Level 31

S.P.
Published in SecTTP
Mar 28, 2019

http://overthewire.org/wargames/bandit/bandit32.html

Level Goal

There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo. The password for the user bandit31-git is the same as for the user bandit31.

Clone the repository and find the password for the next level.

Use ssh to log in to the server with the following information.

  • Username: bandit31
  • Password: 47e603bb428404d265f59c42920d81e5
  • Host: bandit.labs.overthewire.org
  • Port: 2220
$ ssh bandit31@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit31@bandit.labs.overthewire.org's password:
47e603bb428404d265f59c42920d81e5

Let’s find the password for the next level.

bandit31@bandit:~$ mkdir -p /tmp/secttp
bandit31@bandit:~$ cd /tmp/secttp
bandit31@bandit:/tmp/secttp$ git clone ssh://bandit31-git@localhost/home/bandit31-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit31/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit31/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit31-git@localhost's password:
47e603bb428404d265f59c42920d81e5
remote: Counting objects: 4, done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 4 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (4/4), done.

Let us check the README file first.

bandit31@bandit:/tmp/secttp$ cd repo/
bandit31@bandit:/tmp/secttp/repo$ ls
README.md
bandit31@bandit:/tmp/secttp/repo$ cat README.md
This time your task is to push a file to the remote repository.
Details:
File name: key.txt
Content: 'May I come in?'
Branch: master
bandit31@bandit:/tmp/secttp/repo$

Hmm, it seems we need to follow the instructions and push a file to the remote repository this time. Let’s do it.

bandit31@bandit:/tmp/secttp/repo$ git branch
* master
bandit31@bandit:/tmp/secttp/repo$ touch key.txt
bandit31@bandit:/tmp/secttp/repo$ echo "May I come in?" > key.txt
bandit31@bandit:/tmp/secttp/repo$ git add key.txt
The following paths are ignored by one of your .gitignore files:
key.txt
Use -f if you really want to add them.
bandit31@bandit:/tmp/secttp/repo$ ls -al
total 24
drwxr-sr-x 3 bandit31 root 4096 Mar 28 11:43 .
drwxr-sr-x 3 bandit31 root 4096 Mar 28 11:40 ..
drwxr-sr-x 8 bandit31 root 4096 Mar 28 11:45 .git
-rw-r--r-- 1 bandit31 root 6 Mar 28 11:40 .gitignore
-rw-r--r-- 1 bandit31 root 15 Mar 28 11:44 key.txt
-rw-r--r-- 1 bandit31 root 147 Mar 28 11:40 README.md
bandit31@bandit:/tmp/secttp/repo$ cat .gitignore
*.txt

Oh my! The .gitignore file contains the pattern *.txt, so git treats key.txt as an intentionally untracked file and refuses to add it. We can remove the .gitignore file first, then add the file again and push it to the repository.

bandit31@bandit:/tmp/secttp/repo$ rm .gitignore
bandit31@bandit:/tmp/secttp/repo$ git add key.txt
bandit31@bandit:/tmp/secttp/repo$ git commit -m "Upload a file"
[master 45b1ec4] Upload a file
1 file changed, 1 insertion(+)
create mode 100644 key.txt
bandit31@bandit:/tmp/secttp/repo$ git push origin master
Could not create directory '/home/bandit31/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit31/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit31-git@localhost's password:
47e603bb428404d265f59c42920d81e5
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 324 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: ### Attempting to validate files... ####
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
remote: Well done! Here is the password for the next level:
remote: 56a9bf19c63d650ce78e6ec0354ee45e
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
To ssh://localhost/home/bandit31-git/repo
! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'ssh://bandit31-git@localhost/home/bandit31-git/repo'
bandit31@bandit:/tmp/secttp/repo$

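Got it! The push is reported as rejected by the pre-receive hook, but the hook prints the password for the next level before declining.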
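
The -f option that git suggested in its "ignored" message is an alternative to deleting .gitignore. The script below is an added example, not part of the original write-up: it rebuilds the situation in a throwaway repository, uses git check-ignore -v to show which rule blocks key.txt, and stages the file with git add -f. The function names and the scratch directory are assumptions made for the illustration.

```shell
#!/usr/bin/env bash
# Added example: sample repository and file contents are constructed here.

# Build a scratch repo with the same ignore rule as the level (*.txt).
make_repo() {
    local dir
    dir=$(mktemp -d) || return 1
    git -C "$dir" init -q || return 1
    printf '*.txt\n' > "$dir/.gitignore"
    printf 'May I come in?\n' > "$dir/key.txt"
    printf '%s\n' "$dir"
}

# Print "<source>:<line>:<pattern>" for the rule that ignores a path,
# or nothing when the path is not ignored.
ignore_rule() {
    git -C "$1" check-ignore -v -- "$2" | cut -f1
}

# Stage an ignored path while leaving .gitignore in place,
# then print the names of the staged files.
force_add() {
    git -C "$1" add -f -- "$2" && git -C "$1" diff --cached --name-only
}

repo=$(make_repo) || exit 1
echo "blocking rule: $(ignore_rule "$repo" key.txt)"
echo "staged files:  $(force_add "$repo" key.txt)"
rm -rf "$repo"
```

Because .gitignore stays in the working tree, other *.txt files remain ignored and only the file named explicitly is staged.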
