OverTheWire - Bandit - Level 30 → Level 31

Warning: This post contains a solution!

Continue only if:
1.) you want to see a possible alternative solution or
2.) you are stuck and need a hint!


Connect to the server using the following credentials:

Server: bandit.labs.overthewire.org
Port: 2220
Username: bandit30
Password: 5b90576bedb2cc04c86a9e924ce42faf

Level Goal is:

There is a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo. The password for the user bandit30-git is the same as for the user bandit30.
Clone the repository and find the password for the next level.

Clone the repository and check folders/files.

λ git clone ssh://bandit30-git@bandit.labs.overthewire.org:2220/home/bandit30-git/repo
Cloning into 'repo'...
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit30-git@bandit.labs.overthewire.org password:
remote: Counting objects: 4, done.
remote: Total 4 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (4/4), done.

Y:\Sites\www.overthewire.org\bandit\level30_31
λ cd repo\

Y:\Sites\www.overthewire.org\bandit\level30_31\repo (master -> origin)
λ ls
README.md

Y:\Sites\www.overthewire.org\bandit\level30_31\repo (master -> origin)
λ cat README.md
just an epmty file... muahaha

Hmm, ok. First check if there are other branches available.

λ git branch -a
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/master

Doesn't look so. Take a look at the git log.

λ git log
commit 3aa4c239f729b07deb99a52f125893e162daac9e (HEAD -> master, origin/master, origin/HEAD)
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:44 2018 +0200

    initial commit of README.md

Also nothing interesting here.
Next check if there are tags.

λ git tag -l
secret

One tag named secret found. Checking the content reveals the password.

λ git show secret
47e603bb428404d265f59c42920d81e5
Show Comments