Level29

Level Goal

There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29.

Solution

As with the previous two levels, we will need to use git to solve this one. If we follow the same steps as the last level we will see that there is a README in this repo as well, but it says “no passowrds in production” in it.

root@0xCAB: /writeups/overthewire/bandit/level29/

$ la repo
.git README.md

$ cat repo/README.md
# Bandit Notes
Some notes for bandit30 of bandit.
## credentials
- username: bandit30
- password:

$

Checking the git logs and previous commits doesn’t give us anything. We can check to see what branches are available.

root@0xCAB: /writeups/overthewire/bandit/level29/

$ git branch -a
* master
remotes/origin/HEAD -> origin/master
remotes/origin/dev
remotes/origin/master
remotes/origin/sploits-dev

$

The README said there were no passwords in production so let’s check the dev branch. We can checkout that branch from the remote. When we check the README in that branch we see the password for bandit30.

root@0xCAB: /writeups/overthewire/bandit/level29/

$ git checkout origin/dev
Note: switching to 'origin/dev'.
...
HEAD is now at 2b1395f add data needed for development

$ git branch
* (HEAD detached at origin/dev)
master

$ cat README
Some notes for bandit30 of bandit.
- username: bandit30
- password: xbhV3HpNGlTIdnjUrdAlPzc2L6y9EOnS

$