There is a git repository at ssh://bandit28-git@bandit.labs.overthewire.org/home/bandit28-git/repo via the port 2220. The password for the user bandit28-git is the same as for the user bandit28.

 

Clone the repository and find the password for the next level.

 

hint: git

 

 

 

문제는 전 문제와 동일한 형식이니까 빠르게 repo 디렉토리를 clone 해보겠습니다

┌──(miso㉿KimMDR)-[~]
└─$ git clone ssh://bandit28-git@bandit.labs.overthewire.org:2220/home/bandit28-git/repo


Cloning into 'repo'...
                         _                     _ _ _
                        | |__   __ _ _ __   __| (_) |_
                        | '_ \ / _` | '_ \ / _` | | __|
                        | |_) | (_| | | | | (_| | | |_
                        |_.__/ \__,_|_| |_|\__,_|_|\__|


                      This is an OverTheWire game server.
            More information on http://www.overthewire.org/wargames

backend: gibson-0
bandit28-git@bandit.labs.overthewire.orgs password:
remote: Enumerating objects: 9, done.
remote: Counting objects: 100% (9/9), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 9 (delta 2), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (9/9), done.
Resolving deltas: 100% (2/2), done.

┌──(miso㉿KimMDR)-[~]
└─$ ls
bandit13  password.txt  repo

 

 

 

README.md 파일을 읽어봅시다

┌──(miso㉿KimMDR)-[~]
└─$ ls
bandit13  password.txt  repo

┌──(miso㉿KimMDR)-[~]
└─$ cd repo/

┌──(miso㉿KimMDR)-[~/repo]
└─$ ls
README.md

┌──(miso㉿KimMDR)-[~/repo]
└─$ cat README.md
# Bandit Notes
Some notes for level29 of bandit.

## credentials

- username: bandit29
- password: xxxxxxxxxx

 

 

비번 안알려주고 어떻게 들어가라는건가 했는데 git의 log를 볼 수 있다고 합니다. 봐봅시다

┌──(miso㉿KimMDR)-[~/repo]
└─$ git log
commit b0354c7be30f500854c5fc971c57e9cbe632fef6 (HEAD -> master, origin/master, origin/HEAD)
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 14 09:26:19 2025 +0000

    fix info leak

commit d0cf2ab7dd7ebc6075b59102a980155268f0fe8f
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 14 09:26:19 2025 +0000

    add missing data

commit bd6bc3a57f81518bb2ce63f5816607a754ba730d
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 14 09:26:18 2025 +0000

    initial commit of README.md

 

 

 

총 세 번의 수정이 들어갔죠? 

  • fix info leak: 정보 유출 수정
  • add missing data: 누락된 데이터 추가
  • initial commit of README.md: README.md 커밋

아까 README.md 파일에 쓰여져있던 password 부분일 것 같슴둥

첫 번째 수정을 읽어봅시다

┌──(miso㉿KimMDR)-[~/repo]
└─$ git show b0354c7be30f500854c5fc971c57e9cbe632fef6  '<--수정된거 읽기'
commit b0354c7be30f500854c5fc971c57e9cbe632fef6 (HEAD -> master, origin/master, origin/HEAD)
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 14 09:26:19 2025 +0000

    fix info leak

diff --git a/README.md b/README.md
index d4e3b74..5c6457b 100644
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes for level29 of bandit.
 ## credentials

 - username: bandit29
-- password: 4pT1t5DENaYuqnqvadYs1oE4QLCdjmJ7
+- password: xxxxxxxxxx

 

 

기존에 노출돼있는 password를 xxxxxx로 바꿨네요 

'bandit' 카테고리의 다른 글

[OverTheWire] bandit 30 -> 31  (0) 2025.12.13
[OverTheWire] bandit 29 -> 30  (0) 2025.12.12
[OverTheWire] bandit27 -> 28  (0) 2025.12.10
[OverTheWire] bandit 25 -> 27  (0) 2025.12.04
[OverTheWire] bandit 24 -> 25  (0) 2025.11.30

티스토리툴바