Level 30

Log into the server as bandit30 and the password.

There is a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo. The password for the user bandit30-git is the same as for the user bandit30.

Well, git repositories seem to be quite popular. I do the same spiel again.

bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ ls
README.md
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ cat README.md 
just an epmty file... muahaha

Okay, so there is no information here. I check to see if there is anything in the logs or data associated with this commit.

bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git log
commit 3aa4c239f729b07deb99a52f125893e162daac9e
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:44 2018 +0200

    initial commit of README.md
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git diff
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git sho
shortlog      show          show-branch
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git sho
shortlog      show          show-branch
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git show
commit 3aa4c239f729b07deb99a52f125893e162daac9e
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:44 2018 +0200

    initial commit of README.md

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..029ba42
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+just an epmty file... muahaha

Negative. Next I check for branches and tags.

bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git branch -a
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/master
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git tag
secret

This seems promising — there are no other branches to speak of, but there is a tag named secret. Can I check it out?

bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git checkout secret
fatal: reference is not a tree: secret

Seems like I can't. Now, a tag in git is simply a name for a SHA1 hash. So, what if the hash it points to is the actual secret? I retrieve it.

bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$ git show secret
47e603bb428404d265f59c42920d81e5
bandit30@bandit:/tmp/tmp.ncBHJehwXo/repo$

Just to be sure, I check if I can log in to the next level with this, and it works, so this is it.