Bandit29->30
Level Goal
There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo via the port 2220. The password for the user bandit29-git is the same as for the user bandit29.
Clone the repository and find the password for the next level.
Commands useful to solve the level
Helpful Reading Material
- Branches in a nutshell See bandit27 and bandit28 for more helpful reading material
Where to start?
Once again, I'll assume that you already cloned the repository (see bandit27 for more informations).
Part 1 : Viewing all the branches
When we try to view the log and to show the differences in the repository, we don't get any relevant information.
Another great capability of git is the ability to branch. A branch is a line of development which is totally independent from all the others from
the point when it has been created.
Hint
By looking at the git-branch man page, can you figure out a way to list all the branches in the repository?
Solution
We want to list all the branches of the repository. Let's run the following command :
git branch -a
This will list all the local branches (which is only master at the moment) and all the remote tracking branches.
The following command outputs 3 branches : dev, master and sploits-dev. Let's now see if we can retrieve the password in one of these
two other branches.
Part 2 : Viewing the differences between the branches
Now that we know that there are multiple branches, we'll try to view the differences between the README.md file and the files on the other branches
Hint
Looking at the git-diff man page, can you figure out a way to view the differences between the master branch and the other branches?
Solution
Let's try and run the following command :
git diff remotes/origin/dev
We need to use remotes/origin/dev because the dev branch is not tracked locally. To track the remotes/origin/dev locally you'd have to run
git checkout devfirst.
When running the following command, we can see that the password is on the dev branch and use it to connect to the next level.
Full Solution
git branch -ato view all the branches in the repositorygit diff remotes/origin/devto view the changes between thedevbranch and the master branch
One key takeaway of this level may be the Git mantra : branch early and branch often
You can now jump to the next level