OverTheWire Bandit Guide

here's how to solve the bandit level 31 → 32

Back to the Bandit Guides

Previous Level Guide: Bandit Level 30 → 31

Access

SSH: ssh bandit31@bandit.labs.overthewire.org -p 2220

Password: 5rdWnMsS81Zw9mpruSVu3yDpmA4AtqMN

Info

There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo via the port 2220. The password for the user bandit31-git is the same as for the user bandit31. Clone the repository and find the password for the next level.
Commands: git

Theory

To get the password, the instructions say to clone the repository and look for the password there. So, I already explained this in the last last last last level, and the instructions don't give much more insight into what the level will be, so here's the commands again:

git clone ssh://bandit31-git@localhost/home/bandit31-git/repo
git clone ssh://bandit31-git@localhost:2220/home/bandit31-git/repo

Solution

Same thing as last last last last level:

~$ mktemp -d
/tmp/tmp.l4qp0UuySA

~$ cd /tmp/tmp.l4qp0UuySA

/tmp/tmp.l4qp0UuySA$ git clone ssh://bandit31-git@localhost:2220/home/bandit31-git/repo
...
Receiving objects: 100% (4/4), done.

Now that we have the repository, let's look what's inside:

/tmp/tmp.l4qp0UuySA$ ls
repo

/tmp/tmp.l4qp0UuySA$ cd repo

/tmp/tmp.l4qp0UuySA/repo$ ls -la
total 20
drwxrwxr-x 3 bandit31 bandit31 4096 Jan  7 15:26 .
drwx------ 3 bandit31 bandit31 4096 Jan  7 15:26 ..
drwxrwxr-x 8 bandit31 bandit31 4096 Jan  7 15:26 .git
-rw-rw-r-- 1 bandit31 bandit31    6 Jan  7 15:26 .gitignore
-rw-rw-r-- 1 bandit31 bandit31  147 Jan  7 15:26 README.md

/tmp/tmp.l4qp0UuySA/repo$ cat README.md
This time your task is to push a file to the remote repository.

Details:
    File name: key.txt
    Content: 'May I come in?'
    Branch: master

So it tells us that we have to push a file into the remote repo named "key.txt" with that content in the master branch:

/tmp/tmp.l4qp0UuySA/repo$ echo 'May I come in?' > key.txt

/tmp/tmp.l4qp0UuySA/repo$ cat .gitignore
*.txt

The problem is that the gitignore file has any file that ends with ".txt", which means that it won't let you push files that have this extension. Although, we can override this by just pushing with git add, then commit. And because it's a commit, nano will expect a message coming with the commit, however, the message doen't impact, you can put whatever you want, for example, I put "File with text in it lol" lol:

/tmp/tmp.l4qp0UuySA/repo$ git commit -a
Unable to create directory /home/bandit31/.local/share/nano/: No such file or directory
It is required for saving/loading search history or cursor positions.

[master 74f114c] File with text in it lol
 1 file changed, 1 insertion(+)
 create mode 100644 key.txt

/tmp/tmp.l4qp0UuySA/repo$ git push -u origin master
The authenticity of host '[localhost]:2220 ([127.0.0.1]:2220)' can't be established.
ED25519 key fingerprint is SHA256:C2ihUBV7ihnV1wUXRb4RrEcLfXC5CXlhmAAM/urerLY.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Could not create directory '/home/bandit31/.ssh' (Permission denied).
Failed to add the host to the list of known hosts (/home/bandit31/.ssh/known_hosts).
                         _                     _ _ _
                        | |__   __ _ _ __   __| (_) |_
                        | '_ \ / _` | '_ \ / _` | | __|
                        | |_) | (_| | | | | (_| | | |_
                        |_.__/ \__,_|_| |_|\__,_|_|\__|


                      This is an OverTheWire game server.
            More information on http://www.overthewire.org/wargames

bandit31-git@localhost's password: 5rdWnMsS81Zw9mpruSVu3yDpmA4AtqMN
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 2 threads
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 333 bytes | 333.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
remote: ### Attempting to validate files... ####
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
remote: Well done! Here is the password for the next level:
remote: 0WBZ2GRz8qqNu15o3Rxfxc1UxGNDKdFQ
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
To ssh://localhost:2220/home/bandit31-git/repo
 ! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'ssh://localhost:2220/home/bandit31-git/repo'

And that's the password! Now we should be good to go to the next level.

https://overthewire.org/wargames/bandit/bandit32.html
Next Level Guide: Bandit Level 32 → Level 33

Explore My Website