OverTheWire Bandit Level 31->Level 32 - Walkthrough

OverTheWire Bandit Solutions

Introduction

In this post, I will be giving you a walkthrough to the Bandit wargame Level 31->Level 32. In this level, we will learn how to add files to remote git repository and commit it. Post commit, we will get the password.

Goal

There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo via the port 2220. The password for the user bandit31-git is the same as for the user bandit31.
Clone the repository and find the password for the next level.

Login Details

Server - bandit.labs.overthewire.org
Port - 2220
Username - bandit31
Password - OoffzGDlzhAlerFJ2cAiz1D41JW1Mhmt

Theory

git add command updates the index with the content that is staged for next commit. The files are not saved or updated in the git repository after git add but are made ready to be saved. There are multiple options available to be used with git add command. One which we will use in this level is "-f" that allows adding otherwise ignored files.

git commit command is used to commit(add/delete) files into the local copy of the repository. The flag "-m" is used to give commit message. If it is not used, then default text editor gets opened using which we can add the commit message.

git push command is used to make the changes to the remote repository. We need to specify the remote repository url which is by default saved in the variable "origin" for a repository that is cloned and the branch to which we want to push the changes.

.gitignore file specifies the files or extensions that should be ignored by commit. It is used to ignore certain files like logs or database files or other files as required.

Solution

SSH into the user bandit31 using the command "ssh bandit31@bandit.labs.overthewire.org -p 2220" and the above password. Create a directory in /tmp folder and clone the git repository in the new folder. 
Type the commands-:

• mkdir /tmp/temporary31git
• cd /tmp/temporary31git
• git clone ssh://bandit31-git@localhost:2220/home/bandit31-git/repo

Note- The port number needs to be placed after localhost otherwise the default port will be used to connect and it will fail.

Navigate into the repository and see the contents. Type the commands-:

• ls
• cd repo
• ls -la
• cat README.md
• cat .gitignore

The README.md file specifies the file details and asks us to push the file to the remote repository. Also notice that .gitignore file ignores the files ending with ".txt".

Lets create the file key.txt and try to push it. Type the commands-:

• echo 'May I come in?' > key.txt
• git add -f key.txt
• git commit -m "adding key.txt"
• git push origin master

Enter the password for bandit31 when asked. We will get the output for bandit32 in the output.

This completes Level 32 walkthrough as we have got the password. Please post your questions in the comment section.