Skip to content

Latest commit

 

History

History
66 lines (57 loc) · 2.63 KB

Level27a28.md

File metadata and controls

66 lines (57 loc) · 2.63 KB

Retos Bandit

Para documentar los retos bandit, usaremos la siguiente estructura:

Level 27 a 28

Objetivo

	``` Shell

There is a git repository at `ssh://bandit27-git@localhost/home/bandit27-git/repo`. The password for the user `bandit27-git` is the same as for the user `bandit27`. Clone the repository and find the password for the next level.

Datos de acceso

Usuario: bandit27
contraseña: 
YnQpBuifNMas1hcUFk70ZmqkhUU2EuaS

Solución

	bandit27@bandit:~$ mkdir /tmp/anargit
	bandit27@bandit:~$ cd /tmp/anargit
bandit27@bandit:/tmp/anargit$ git clone ssh://bandit27-git@localhost:2220/home/bandit27-git/repo
Cloning into 'repo'...
The authenticity of host '[localhost]:2220 ([127.0.0.1]:2220)' can't be established.
ED25519 key fingerprint is SHA256:C2ihUBV7ihnV1wUXRb4RrEcLfXC5CXlhmAAM/urerLY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Could not create directory '/home/bandit27/.ssh' (Permission denied).
Failed to add the host to the list of known hosts (/home/bandit27/.ssh/known_hosts).
                         _                     _ _ _
                        | |__   __ _ _ __   __| (_) |_
                        | '_ \ / _` | '_ \ / _` | | __|
                        | |_) | (_| | | | | (_| | | |_
                        |_.__/ \__,_|_| |_|\__,_|_|\__|


                      This is an OverTheWire game server.
            More information on http://www.overthewire.org/wargames

bandit27-git@localhost's password:
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (3/3), 286 bytes | 286.00 KiB/s, done.
bandit27@bandit:/tmp/anargit$ ls -la
total 196
drwxrwxr-x    3 bandit27 bandit27   4096 Sep  6 14:30 .
drwxrwx-wt 4870 root     root     188416 Sep  6 14:28 ..
drwxrwxr-x    3 bandit27 bandit27   4096 Sep  6 14:30 repo
bandit27@bandit:/tmp/anargit$

bandit27@bandit:/tmp/anargit$ cat readme
cat: readme: No such file or directory
bandit27@bandit:/tmp/anargit$ cd repo
bandit27@bandit:/tmp/anargit/repo$ cat readme
cat: readme: No such file or directory
bandit27@bandit:/tmp/anargit/repo$ ls
README
bandit27@bandit:/tmp/anargit/repo$ cat README
The password to the next level is: AVanL161y9rsbcJIsFHuw35rjaOM19nR
bandit27@bandit:/tmp/anargit/repo$

Notas adicionales

Creamos una carpeta y clonamos un repositorio con la ssh que nos brinda el objetivo, despues ingresamos a la carpeta y leemos el readme que esta, y nos mostrara la contraseña para el siguiente nivel.

Referencias