Level Goal
There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29. Clone the repository and find the password for the next level.
Commands you may need to solve this level: git
Walkthrough
So lets rename the folder repo we made in the last challange, because the folder we want to clone is called repo aswell. $ mv repo repo28
. Lets go into the directory $ cd repo
and see what is in it $ ls -la
.
So lets cat the README.md file. $ cat README.md
. It states:
# Bandit Notes Some notes for bandit30 of bandit. ## credentials - username: bandit30 - password:
Okay so lets try what we did on the last bandit challange. See the commits with $ git log
.
ad6c5650 diff --git a/README.md b/README.md index 1af21d3..2da2f39 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,6 @@ Some notes for bandit30 of bandit. ## credentials -- username: bandit30 +- username: bandit29 - password:
So it removed the username bandit30 and added bandit29. Interesting, no passwords in production so maybe there is a github that is not in production or a version that isn’t. With $ git branch
we can see on wich branch we are, we are on master. But can we see any others?
So I googled and I came to the command $ git show-branch --all
. Tried it and this was the output:
* [master] fix username ! [origin/HEAD] fix username ! [origin/dev] add data needed for development ! [origin/master] fix username ! [origin/sploits-dev] add some silly exploit, just for shit and giggles ----- + [origin/sploits-dev] add some silly exploit, just for shit and giggles + [origin/dev] add data needed for development + [origin/dev^] add gif2ascii *++++ [master] fix username
Okay there is some interesting stuff. Lets lookup how we can get into these. I tried different git checkout commands like $ git checkout -b origin/dev
but this made a new branch? So after some googling and looking on stackoverflow I found this command. $ git remote show
which shows me the origin, then I tried $ git remote show origin
and found three different remote branches wich looked familair.
* remote origin Fetch URL: ssh://bandit29-git@localhost/home/bandit29-git/repo Push URL: ssh://bandit29-git@localhost/home/bandit29-git/repo HEAD branch: master Remote branches: dev tracked master tracked sploits-dev tracked Local branch configured for 'git pull': master merges with remote master Local ref configured for 'git push': master pushes to master (up to date)
Lets do some more googling in how I can get these. I came up on This stackoverflow page and found the command $ git checkout
. Lets try $ git checkout dev
It gave me this output:
git checkout dev Branch dev set up to track remote branch dev from origin. Switched to a new branch 'dev
Seems like we switched to the development branch, this should not be the production branch. So lets see the contents of the readme.md file now. $ cat README.md
and there is the password.
# Bandit Notes Some notes for bandit30 of bandit. ## credentials - username: bandit30 - password: 5b90576bedb2cc04c86a9e924ce42faf