Clone with a Difference
Difficulty:
Shown in Report
Bow Ninecandle is wearing a blue hat and is standing next to a terminal located on a small platform.
Objective Image
Back
Challenge

Clone a code repository. Get hints for this challenge from Bow Ninecandle in the Elfen Ring.

Solution

After talking to Bow Ninecandle you will receive following hint:

HTTPS Git Cloning

There's a consistent format for Github repositories cloned via HTTPS. Try converting!

Let's open the terminal:

We just need you to clone one repo: git clone git@haugfactory.com:asnowball/aws_scripts.git 
This should be easy, right?

Thing is: it doesn't seem to be working for me. This is a public repository though. I'm so confused!

Please clone the repo and cat the README.md file.
Then runtoanswer and tell us the last word of the README.md file!

As we don't have SSH access, let's just try to convert the URL into an HTTPS scheme. You just need to be aware where the single elements (repo server, project owner, repository name) are "placed":

bow@74c201af2077:~$ git clone https://haugfactory.com/asnowball/aws_scripts.git
Cloning into 'aws_scripts'...
remote: Enumerating objects: 64, done.
remote: Total 64 (delta 0), reused 0 (delta 0), pack-reused 64
Unpacking objects: 100% (64/64), 23.83 KiB | 1.49 MiB/s, done.

Let's find and analyze that file:

bow@74c201af2077:~$ find ./ -name "README.md"
./aws_scripts/README.md

bow@74c201af2077:~$ tail -n 1 ./aws_scripts/README.md 
If you have run out of energy or time for your project, put a note at the top of the README saying that development has slowed down or stopped completely. Someone may choose to fork your project or volunteer to step in as a maintainer or owner, allowing your project to keep going. You can also make an explicit request for maintainers.

bow@74c201af2077:~$ runtoanswer 
                                        Read that repo!
What's the last word in the README.md file for the aws_scripts repo?

> maintainers
Your answer: maintainers

Checking......
Your answer is correct!

We have solved that challenge and get the confirmation:
Find the Next Objective
Talk to Bow Ninecandle for the next objective.

We get following hints:

Over-Permissioned

When users are over-privileged, they can often act as root. When containers have too many permissions, they can affect the host!

Mount Up and Ride

Were you able to mount up? If so, users' home/ directories can be a great place to look for secrets...