OverTheWire - Bandit - Level 29 → Level 30

Warning: This post contains a solution!

Continue only if:
1.) you want to see a possible alternative solution or
2.) you are stuck and need a hint!


Connect to the server using the following credentials:

Server: bandit.labs.overthewire.org
Port: 2220
Username: bandit29
Password: bbc96594b4e001778eee9975372716b2

Level Goal is:

There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29.
Clone the repository and find the password for the next level.

Clone the repository and check folders/files.

Y:\Sites\www.overthewire.org\bandit\level29_30
λ git clone ssh://bandit29-git@bandit.labs.overthewire.org:2220/home/bandit29-git/repo
Cloning into 'repo'...
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit29-git@bandit.labs.overthewire.org password:
remote: Counting objects: 16, done.
remote: Compressing objects: 100% (11/11), done.
remote: Total 16 (delta 2), reused 0 (delta 0)
Receiving objects: 100% (16/16), done.
Resolving deltas: 100% (2/2), done.

Y:\Sites\www.overthewire.org\bandit\level29_30
λ cd repo\

Y:\Sites\www.overthewire.org\bandit\level29_30\repo (master -> origin)
λ cat README.md
# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: <no passwords in production!>

The comment '<no passwords in production!>' sounds like there is a development branch exisiting in the repository. Check existing branches:

λ git branch -a
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/dev
  remotes/origin/master
  remotes/origin/sploits-dev

Change branch to origin/dev and take a look at the content of the file README .

λ git checkout origin/dev
Note: switching to 'origin/dev'.

[...]

HEAD is now at 33ce2e9 add data needed for development

Y:\Sites\www.overthewire.org\bandit\level29_30\repo (HEAD detached at 33ce2e9 -> origin)
λ cat README.md
# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: 5b90576bedb2cc04c86a9e924ce42faf
Show Comments