There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo. The password for the user bandit28-git is the same as for the user bandit28. Clone the repository and find the password for the next level.
Commands you may need to solve this level: git
So lets rename the folder repo we made in the last challange, because the folder we want to clone is called repo aswell.
mv repo repo27. Lets go into the directory
cd repo and see what is in it
ls -la. There is a readme file. Lets cat this file
Okay so there is a username and password in here with xxxx. Lets see what we can do with the git command.
# Bandit Notes Some notes for level29 of bandit. ## credentials - username: bandit29 - password: xxxxxxxxxx
man git. There is a command git-diff to see changed between commits. Lets use this and see what we can see.
git-diff. The command doesn’t work, manpage doesn’t explain much so lets google.
Then I found this
git diff --cached [filename] // compare the index with local repository. You can also compare files between two different commits. Every commit in Git has a commit id which you can get when you give git log. Then you can use the commit id if diff command like this.
So lets use git log to get the git commit ids
git log. Here we see the following 3 commits:
commit 073c27c130e6ee407e12faad1dd3848a110c4f95 Author: Morla Porla
Date: Tue Oct 16 14:00:39 2018 +0200 fix info leak commit 186a1038cc54d1358d42d468cdc8e3cc28a93fcb Author: Morla Porla Date: Tue Oct 16 14:00:39 2018 +0200 add missing data commit b67405defc6ef44210c53345fc953e6a21338cc7 Author: Ben Dover Date: Tue Oct 16 14:00:39 2018 +0200 initial commit of README.md
Lets see the diffrence between 186a1038cc54d1358d42d468cdc8e3cc28a93fcb and 073c27c130e6ee407e12faad1dd3848a110c4f95.
git diff 186a1038cc54d1358d42d468cdc8e3cc28a93fcb 073c27c130e6ee407e12faad1dd3848a110c4f95
This is the output:
110c4f95 diff --git a/README.md b/README.md index 3f7cee8..5c6457b 100644 --- a/README.md +++ b/README.md @@ -4,5 +4,5 @@ Some notes for level29 of bandit. ## credentials - username: bandit29 -- password: bbc96594b4e001778eee9975372716b2 +- password: xxxxxxxxxx
I think we found the password: bbc96594b4e001778eee9975372716b2, double check with sshen in bandit29, and it is!