Bandit29
Website URL: http://overthewire.org/wargames/bandit/bandit29.html
Let’s log into the server as bandit28
The task is as follows:
There is a git repository at
ssh://bandit28-git@localhost/home/bandit28-git/repo. The password for the userbandit28-gitis the same as for the userbandit28.
Clone the repository and find the password for the next level.
This level is identical to the previous level ( here ). As was done there, we can create a working directory, clone the repository.
mkdit /tmp/bandit29solving2018
cd /tmp/bandit29solving2018
git clone ssh://bandit28-git@localhost/home/bandit28-git/repo
Now, let’s try the same steps as before, see what’s there in the files of the repo.
Umm, it seems this time, the password isn’t directly stored in the README.md. At least not in the one we see. Since it’s a github repository, let’s see it’s history.
git log
So, there have been changes made in this file. Particularly, the commit 073c27c130e6ee407e12faad1dd3848a110c4f95 by Morla Porla caught my attention. The message states “fix info leak”, let’s try finding out what the info leak was.
Since it refers to the last commit, this should be pretty easy.
git show HEADMission accomplished!