Compare commits

...

6 Commits

Author SHA1 Message Date
waldek fa2f39964e cleans up bandit responses 2021-04-12 17:51:09 +02:00
waldek ba940953bb Merge branch 'master' of https://gitea.86thumbs.net/vl4dd/LinuxSysAdminsDoc
Pulls in Vladimir's updates after class
2021-04-12 17:42:00 +02:00
vl4dd 6cc918cf54 adds notes to bandit wargame 2021-04-12 16:32:17 +02:00
vl4dd 1f670edfe7 Merge branch 'master' of https://gitea.86thumbs.net/vl4dd/LinuxSysAdminsDoc 2021-04-12 03:03:48 -04:00
vl4dd 6d39b21157 Adds bandit notes and materials 2021-04-12 03:02:52 -04:00
waldek 01a7cdf3ef starts a cleanup of the fracz exercize.md file 2021-04-10 13:05:48 +02:00
4 changed files with 222 additions and 16 deletions

View File

@ -1,51 +1,71 @@
# FRACZ
# [Git Exercises](https://gitexercises.fracz.com/)
Fracz is a good excercize to learn basic and advanced git command.
Go to the [website](https://gitexercises.fracz.com/) and follow the instructions to start the game.
Make sure you have git installed onto the machine you want to do the excercize on.
## 1. Exercise: Push a commit you have made
### Instructions
The first exercise is to push a commit that is created when you run the git start command.
### Instructions
The first exercise is to push a commit that is created when you run the git start command.
Just try git verify after you have initialized the exercises and be proud of passing the first one :-)
### commands
### Commands
>git push
```bash
git push
```
## 2. Exercise: Commit one file
### Instructions
There are two files created in the root project directory - **A.txt** and **B.txt**.
The goal is to commit only one of them.
NOTE: Remember that you can submit your solutions with **git verify** command instead of **git push**.
### The easiest solution
**TODO**
#### Further info
You prepare changes to be committed with **git add <file>** command. It adds files from working area to staging area. Only files that are in staging area will be included in the commit when you run the **git commit** command.
Remember that you can **git add -A** to add all changed files to staging area. You can also do this in air with **-a** option for **git commit**, e.g.
### commands
### Commands
>git commit -am "Some Commit Message"
```bash
git commit -am "Some Commit Message"
```
## 3. Commit one file of two currently staged
Instructions
There are two files created in the root project directory - **A.txt** and **B.txt**. They are both added to the staging area.
### Instructions
There are two files created in the root project directory - **A.txt** and **B.txt**. They are both added to the staging area.
The goal is to commit only one of them.
## The easiest solution
### The easiest solution
**TODO**
### Further info
When you have added too many changes to staging area, you can undo them with **git reset <file>** command before the **git commit**.
## The easiest solution
### The easiest solution
**TODO**
### Further info
When you have added too many changes to staging area, you can undo them with **git reset <file>** command before the **git commit**.
### commands
### Commands
```bash
$ git status
@ -65,6 +85,7 @@ $ git restore --staged B.txt
## 4. Ignore unwanted files
### Instructions
It is often good idea to tell Git which files it should track and which it should not. Developers almost always do not want to include generated files, compiled code or libraries into their project history.
Your task is to create and commit configuration that would ignore:
@ -76,7 +97,9 @@ the whole **libraries** directory
Sample files are generated for you.
### The easiest solution
### Further info
A **.gitignore** file specifies intentionally untracked files that Git should ignore.
To ignore all files with specific string inside filename, just type it in, i.e. **dumb** To ignore all files with specific extension use wildcard, i.e. **.exe** To ignore the whole directories, put a slash in the end of the rule, i.e. **libraries/** To specify full path from the **.gitignore** location start rule with slash, i.e. **/libraries**
@ -286,7 +309,9 @@ It's also worth to read the [Basic Branching and Merging](http://git-scm.com/boo
```
## 7. Saving your work
### Instructions
You are working hard on a regular issue while your boss comes in and wants you to fix a bug. State of your current working area is a total mess so you don't feel comfortable with making a commit now. However, you need to fix the found bug ASAP.
Git lets you to save your work on a side and continue it later. Find appropriate Git tool and use it to handle the situation appropriately.
@ -327,7 +352,8 @@ Last thing to remember is that stashes are only local - you can't push them to r
See Stashing in the Git Book.
# commands
# Commands
```bash
149 **git stash**
150 **git pull**
@ -352,10 +378,13 @@ See Stashing in the Git Book.
```
## 8. Change branch history
### Instructions
You were working on a regular issue while your boss came in and told you to fix recent bug in an application. Because your work on the issue hasn't been done yet, you decided to go back where you started and do a bug fix there.
Your repository look like this:
```
HEAD
@ -368,7 +397,9 @@ A <----- B
|
hot-bugfix
```
Now you realized that the bug is really annoying and you don't want to continue your work without the fix you have made. You wish your repository looked like you started after fixing a bug.
```
HEAD
@ -379,7 +410,9 @@ A <----- C <----- B
|
hot-bugfix
```
Achieve that.
### Hint
You need to use [git rebase](https://git-scm.com/docs/git-rebase) command.

117
wargames/bandit/notes.md Normal file
View File

@ -0,0 +1,117 @@
# Notes
## Rules
* USERNAMES are somegame0, somegame1, ...
* Most LEVELS are stored in /somegame/.
* PASSWORDS for each level are stored in /etc/somegame_pass/.
It is advised to create a working directory with a hard-to-guess name in /tmp/.
You can use the command `mktemp -d` in order to generate a random and hard to guess directory in /tmp/.
Read-access to both `/tmp/` and `/proc/` is disabled so that users can not snoop on eachother.
For example: `/tmp/lolipopzalondo`
## Passwd
- bandit0 = bandit0
- bandit1 = boJ9jbbUNNfktd78OOpsqOltutMc3MY1
- bandit2 = CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
- bandit3 = UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
- bandit4 = pIwrPrtPN36QITSp3EQaw936yaFoFgAB
- bandit5 = koReBOKuIDDepwhWk7jZC0RTdopnAYKh
- bandit6 = DXjZPULLxYr17uwoI01bNLQbtFemEgo7
- bandit7 = HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
- bandit8 = cvX2JJa4CFALtqS87jk27qwqGhBM9plV
- bandit9 = UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
- bandit10 = truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
- bandit11 = IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
- bandit12 = 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
- bandit13 = 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
- bandit14 = 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
- bandit15 = BfMYroe26WYalil77FoDi9qh59eK5xNr
- bandit16 = cluFn7wTiGryunymYOu4RcffSxQluehd
- bandit17 = kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd
- bandit18 = IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
- bandit19 = IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
- bandit20 = GbKksEFF4yrVs6il55v6gwY5aVje5f0j
- bandit21 =
## CMD
### Level 5
```bash
find . -size 1033c
```
### Level 7
```bash
find / -size 33c -type f -group bandit6 -user bandit7
```
### Level 8
```bash
cat data.txt | sort | uniq -u
```
### Level 9
```bash
at data.txt | strings | grep ====
```
### Level 10
```bash
base64 -d data.txt
```
### Level 11
```bash
alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'" && cat data.txt | rot13
```
### Level 12
```bash
xxd -r data.txt reverse.tgz
file reverse
mv reverse reverse.gzip
gzip -d reverse.gz
tar -xvf data6.tar
file data8.bin
mv data8.bin data8.gz
gzip -d data8.gz
```
### Level 14
```bash
echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
```
### Level 15
```bash
openssl s_client -crlf -connect localhost:30001
```
### Level 18
```bash
ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
```
### Level 19
```bash
./bandit20-do cat /etc/bandit_pass/bandit20
```
## Questions
- tr function
- nc

28
wargames/bandit/ssh_key Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxkkOE83W2cOT7IWhFc9aPaaQmQDdgzuXCv+ppZHa++buSkN+
gg0tcr7Fw8NLGa5+Uzec2rEg0WmeevB13AIoYp0MZyETq46t+jk9puNwZwIt9XgB
ZufGtZEwWbFWw/vVLNwOXBe4UWStGRWzgPpEeSv5Tb1VjLZIBdGphTIK22Amz6Zb
ThMsiMnyJafEwJ/T8PQO3myS91vUHEuoOMAzoUID4kN0MEZ3+XahyK0HJVq68KsV
ObefXG1vvA3GAJ29kxJaqvRfgYnqZryWN7w3CHjNU4c/2Jkp+n8L0SnxaNA+WYA7
jiPyTF0is8uzMlYQ4l1Lzh/8/MpvhCQF8r22dwIDAQABAoIBAQC6dWBjhyEOzjeA
J3j/RWmap9M5zfJ/wb2bfidNpwbB8rsJ4sZIDZQ7XuIh4LfygoAQSS+bBw3RXvzE
pvJt3SmU8hIDuLsCjL1VnBY5pY7Bju8g8aR/3FyjyNAqx/TLfzlLYfOu7i9Jet67
xAh0tONG/u8FB5I3LAI2Vp6OviwvdWeC4nOxCthldpuPKNLA8rmMMVRTKQ+7T2VS
nXmwYckKUcUgzoVSpiNZaS0zUDypdpy2+tRH3MQa5kqN1YKjvF8RC47woOYCktsD
o3FFpGNFec9Taa3Msy+DfQQhHKZFKIL3bJDONtmrVvtYK40/yeU4aZ/HA2DQzwhe
ol1AfiEhAoGBAOnVjosBkm7sblK+n4IEwPxs8sOmhPnTDUy5WGrpSCrXOmsVIBUf
laL3ZGLx3xCIwtCnEucB9DvN2HZkupc/h6hTKUYLqXuyLD8njTrbRhLgbC9QrKrS
M1F2fSTxVqPtZDlDMwjNR04xHA/fKh8bXXyTMqOHNJTHHNhbh3McdURjAoGBANkU
1hqfnw7+aXncJ9bjysr1ZWbqOE5Nd8AFgfwaKuGTTVX2NsUQnCMWdOp+wFak40JH
PKWkJNdBG+ex0H9JNQsTK3X5PBMAS8AfX0GrKeuwKWA6erytVTqjOfLYcdp5+z9s
8DtVCxDuVsM+i4X8UqIGOlvGbtKEVokHPFXP1q/dAoGAcHg5YX7WEehCgCYTzpO+
xysX8ScM2qS6xuZ3MqUWAxUWkh7NGZvhe0sGy9iOdANzwKw7mUUFViaCMR/t54W1
GC83sOs3D7n5Mj8x3NdO8xFit7dT9a245TvaoYQ7KgmqpSg/ScKCw4c3eiLava+J
3btnJeSIU+8ZXq9XjPRpKwUCgYA7z6LiOQKxNeXH3qHXcnHok855maUj5fJNpPbY
iDkyZ8ySF8GlcFsky8Yw6fWCqfG3zDrohJ5l9JmEsBh7SadkwsZhvecQcS9t4vby
9/8X4jS0P8ibfcKS4nBP+dT81kkkg5Z5MohXBORA7VWx+ACohcDEkprsQ+w32xeD
qT1EvQKBgQDKm8ws2ByvSUVs9GjTilCajFqLJ0eVYzRPaY6f++Gv/UVfAPV4c+S0
kAWpXbv5tbkkzbS0eaLPTKgLzavXtQoTtKwrjpolHKIHUz6Wu+n4abfAIRFubOdN
/+aLoRQ0yBDRbdXMsZN/jvY44eM+xRLdRVyMmdPtP8belRi2E2aEzA==
-----END RSA PRIVATE KEY-----

View File

@ -0,0 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6Lzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1O4f7HVm6EpTscdDxU+bCXWkfjuRb7Dy9GOtt9JPsX8MBTakzh3
vBgsyi/sN3RqRBcGU40fOoZyfAMT8s1m/uYv52O6IgeuZ/ujbjY=
-----END RSA PRIVATE KEY-----