

Level 30

Objectives

1. SSH to bandit29
2. Clone the repo

Objective 1

• Username: bandit29
• Password: bbc96594b4e001778eee9975372716b2
• Port: 2220
• IP/Hostname: bandit.labs.overthewire.org

user@localhost:~$ ssh -p 2220 [email protected]

Success!

Objective 2

Create a working directory in /tmp.

Clone the ssh://bandit29-git@localhost/home/bandit29-git/repo repo they give us and use the same password.

bandit29@bandit:/tmp/dirwalk$ git clone ssh://bandit29-git@localhost/home/bandit29-git/repo

There's a README.md file. We should read what it has to say.

bandit29@bandit:/tmp/dirwalk$ cat repo/README.md 
# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: <no passwords in production!>

To me, this indicates the use of git branches, since that's how you typically separate code in testing vs production.

bandit29@bandit:/tmp/dirwalk$ git branch -r
  origin/HEAD -> origin/master
  origin/dev
  origin/master
  origin/sploits-dev
bandit29@bandit:/tmp/dirwalk$ git checkout dev
Previous HEAD position was 2af54c5... add some silly exploit, just for shit and giggles
Branch dev set up to track remote branch dev from origin.
Switched to a new branch 'dev'
bandit29@bandit:/tmp/dirwalk$ ls
code  README.md

Now we see some stuff. Let's check the README.md.

bandit29@bandit:/tmp/dirwalk$ cat README.md 
# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: 5b90576bedb2cc04c86a9e924ce42faf