Level Goal
There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29. Clone the repository and find the password for the next level.

Commands you may need to solve this level: git

Walkthrough
So lets rename the folder repo we made in the last challange, because the folder we want to clone is called repo aswell. $ mv repo repo28. Lets go into the directory $ cd repo and see what is in it $ ls -la.

So lets cat the README.md file. $ cat README.md. It states:

# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: 

Okay so lets try what we did on the last bandit challange. See the commits with $ git log.

ad6c5650
diff --git a/README.md b/README.md
index 1af21d3..2da2f39 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,6 @@ Some notes for bandit30 of bandit.

 ## credentials

-- username: bandit30
+- username: bandit29
 - password: 

So it removed the username bandit30 and added bandit29. Interesting, no passwords in production so maybe there is a github that is not in production or a version that isn’t. With $ git branch we can see on wich branch we are, we are on master. But can we see any others?

So I googled and I came to the command $ git show-branch --all. Tried it and this was the output:

* [master] fix username
 ! [origin/HEAD] fix username
  ! [origin/dev] add data needed for development
   ! [origin/master] fix username
    ! [origin/sploits-dev] add some silly exploit, just for shit and giggles
-----
    + [origin/sploits-dev] add some silly exploit, just for shit and giggles
  +   [origin/dev] add data needed for development
  +   [origin/dev^] add gif2ascii
*++++ [master] fix username

Okay there is some interesting stuff. Lets lookup how we can get into these. I tried different git checkout commands like $ git checkout -b origin/dev but this made a new branch? So after some googling and looking on stackoverflow I found this command. $ git remote show which shows me the origin, then I tried $ git remote show origin and found three different remote branches wich looked familair.

* remote origin
  Fetch URL: ssh://bandit29-git@localhost/home/bandit29-git/repo
  Push  URL: ssh://bandit29-git@localhost/home/bandit29-git/repo
  HEAD branch: master
  Remote branches:
    dev         tracked
    master      tracked
    sploits-dev tracked
  Local branch configured for 'git pull':
    master merges with remote master
  Local ref configured for 'git push':
    master pushes to master (up to date)

Lets do some more googling in how I can get these. I came up on This stackoverflow page and found the command $ git checkout. Lets try $ git checkout dev It gave me this output:

git checkout dev
Branch dev set up to track remote branch dev from origin.
Switched to a new branch 'dev

Seems like we switched to the development branch, this should not be the production branch. So lets see the contents of the readme.md file now. $ cat README.md and there is the password.

# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: 5b90576bedb2cc04c86a9e924ce42faf

Leave a Reply

Your email address will not be published. Required fields are marked *