Level28

Level Goal

There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo. The password for the user bandit28-git is the same as for the user bandit28.

Solution

As with the previous level, we will need to use git to solve this one. If we follow the same steps as the last level we will see that there is a README in this repo as well, but the password written in there was obfuscated.

root@0xCAB: /writeups/overthewire/bandit/level28/

$ la repo
.git README.md

$ cat README
Some notes for level29 of bandit.
- username: bandit29
- password: xxxxxxxxxx

$

Maybe this was done after they realized it was very bad practice to commit sensitive information in a git repository. We can check the commit logs and see if anything sticks out.

root@0xCAB: /writeups/overthewire/bandit/level28/

$ git log
commit 43032edb2fb868dea2ceda9cb3882b2c336c09ec (HEAD -> master, origin/master, origin/HEAD)
Author: Morla Porla
Date: Thu Sep 1 06:30:25 2022 +0000
fix info leak
...

$

The message on that commit looks interesting. We can use git show to see what changed in that commit and see what info they tried to remove.

root@0xCAB: /writeups/overthewire/bandit/level28/

$ git show 43032edb2fb868dea2ceda9cb3882b2c336c09ec
commit 43032edb2fb868dea2ceda9cb3882b2c336c09ec (HEAD -> master, origin/master, origin/HEAD)
Author: Morla Porla
Date: Thu Sep 1 06:30:25 2022 +0000
fix info leak
diff --git a/README.md b/README.md
index b302105..5c6457b 100644
--- a/README.md
+++ b/README.md
@@ -4,5 +4,5 @@ Some notes for level29 of bandit.
## credentials
- username: bandit29
-- password: tQKvmcwNYcFS6vmPHIUSI3ShmsrQZK8S
+- password: xxxxxxxxxx

$