OverTheWire Bandit write-up(Level 27 → Level 28)

The current write-up that you are viewing is an ordinary write-up.

현재 보고계신 write-up은 일반 write-up 입니다.

To comply with the rule, in this write-up, I just deal with some hints related to this challenge. Here is no correct answer and no solution.

룰을 준수하기 위해, 이 문서에서는 이 챌린지와과 관련된 몇 가지 힌트만을 다룹니다. 여기에 정답과 솔루션은 없습니다.
 

For the full write-up PDF please refer to the page below.

풀 write-up PDF는 아래 페이지를 참고하세요. 

https://cysecguide.blogspot.com/2018/11/overthewire-bandit-write-uplevel-27.html

Bandit Level 27 → Level 28

Level Goal
There is a git repository at ssh://bandit27-git@localhost/home/bandit27-git/repo. The password for the user bandit27-git is the same as for the user bandit27.

레벨 목표
"ssh://bandit27-git@localhost/home/bandit27-git/repo"에 깃 저장소가 있다. "bandit27-git"의 패스워드와 "bandit27"의 패스워드는 동일하다.

Clone the repository and find the password for the next level.
저장소를 복제하여 다음 레벨의 패스워드를 찾아라.

Commands you may need to solve this level
현재 레벨을 클리어하기 위해 필요할 것으로 생각되는 명령어.
git

bandit27@bandit:~$ ls -al
total 20
drwxr-xr-x 2 root root 4096 Oct 16 14:00 .
drwxr-xr-x 41 root root 4096 Oct 16 14:00 ..
-rw-r--r-- 1 root root 220 May 15 2017 .bash_logout
-rw-r--r-- 1 root root 3526 May 15 2017 .bashrc
-rw-r--r-- 1 root root 675 May 15 2017 .profile

There were no special files in the home directory.

홈 디렉토리에 특별한 파일은 없었다.

bandit27@bandit:~$ mkdir /tmp/myBandit27
bandit27@bandit:~$ cd /tmp/myBandit27
bandit27@bandit:/tmp/myBandit27$
bandit27@bandit:/tmp/myBandit27$ ■■■■■■■■■ ssh://bandit27-git@localhost/home/bandit27-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit27/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit27/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit27-git@localhost's password:
remote: Counting objects: 3, done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
bandit27@bandit:/tmp/myBandit27$
bandit27@bandit:/tmp/myBandit27$ ls
repo

We were able to download in the ■■■■■■■■■■■■■■■. The password we need to enter was the same as the password for the "bandit27" account.

■■■■■■■■■■■■■■■에서는 다운로드를 받을 수 있었다. 입력해야하는 패스워드는 "bandit27" 계정의 패스워드와 동일하다.

- Omission. 중략. -
-rw-r--r-- 1 bandit27 root   68 Nov 25 11:55 RE■■■■■■
bandit27@bandit:/tmp/myBandit27/repo$
bandit27@bandit:/tmp/myBandit27/repo$
bandit27@bandit:/tmp/myBandit27/repo$ file ./RE■■■■■■
./README: ASCII text
bandit27@bandit:/tmp/myBandit27/repo$
bandit27@bandit:/tmp/myBandit27/repo$ cat ./RE■■■■■■
The password to the next level is: 0ef■■■■■■04ea33■■■■■■■■■6fa2

When we opened this file, we could see something like the flag and it was confirmed by the password of the next level.

이 파일을 열람하니 플래그로 보이는 정보를 확인할 수 있었는데 이 정보는 다음 레벨의 패스워드로 확인되었다.