~ Level 28→29 ~

Log in to the OverTheWire server as user bandit28

We will first create a directory under /tmp so that we may work. Mine is known as /tmp/user. Proceed to change into that directory using cd /tmp/user We can now issue the command to clone the provided repository so that we may search for the password: git clone ssh://bandit28-git@localhost/home/bandit28-git/repo

You will be prompted again to confirm the connection and to enter the appropriate password. After these, confirmation will be provided once the repository is cloned.

Immediately use ls to list the contents, then use cd to move into the repo directory. Using ls again, we find a file by the name of README.md.

We are presented with text that provides the username and password associated with bandit29 though we see that the password itself is replaced with all X's. Going through the man pages, it is found that git log shows us information logs regarding commits of files that were uploaded, changed, or otherwise removed. Upon entering this command into the shell prompt, we see the following:

At the bottom we see the initial commit of the README.md file. The next commit says missing data was added, and the top-most commit states an info leak was fixed. Thinking through this, the bottom and top file do not show the password for one reason or another and the middle file will. We need to use the man pages to locate a command that will allow us to see the difference between each commit. Enter git diff

The third entry down in the synopsis section denotes the proper syntax to compare two commits. Our command will appear like this: git diff de2ebe2d5fd1598cd547f4d56247e053be3fdc38 c086d11a00c0648d095d04c089786efef5e01264

We've found the password! bbc96594b4e001778eee9975372716b2. Just like the last level, we want to remove our /tmp/user directory and all of its contents before continuing on. To do so, use rm -rf /tmp/user