 Hey guys, John Hammond here continuing on some of the bandit over-the-wire levels that just recently came out Looking at level 29 and it looks like they're up to like level 32 now So let's jump in this is another git repository that we can download once we connect to the user account So head on over to our terminal connect and let's make a directory for us to work in and Then we can get clone that repo Sweet yep, we will need the password there So let's just get that out throw it in our Great. All right. So we have the repository. Let's check out what this read me says It says, okay credentials for bandit 30, but no password in production So let's check out what other commits they might have been Initial can read me. Okay. Let's get show that Okay, that's the same thing Did I grab the wrong one or something? Whatever, let's try this one where it says we fix username. Oh, yeah, initially it was 30 though No, okay. It was originally it was 29 they fixed it to 30. So I see But still no change in the password Okay so this this note of No password in production makes me think of like well, this is the master branch, right? Like if I check out what branch of the development I'm on I only see that I am on master But that's what we have downloaded right now is our local copy, but there may be other remote branches or other like versions or Like functionality of the software that needs to still be developed if you're doing this in a real like github repository So there is typically a development branch so if I wanted to see all the other possible branches I can do get branch tack a and There's some notes here. Okay, we have remote origin head where we are currently for origin master Dev and master and sploice dev So let's check out some of these and the way we can do that is literally get check out and in the name of that branch great, okay, so Get logs you were at initial commit of read me blah blah blah. Let's check out what this one is can get show that and No password there Looks like it has just to ask you add data needed for developments. Was that the original one that we missed? Oh, yeah. Okay. Great. So just like that looks like we have the password for Bandit 30 if we wanted to we could again check out those other branches and That will let us explore whatever that sploice dev was and other things that they have in there but something that I like to do and this is probably pretty cheesy and a bad hack but Get log if I like to just grep for the commits and then I'll cut them up and get just the identifiers and I can scrape whatever I need if I don't want that last one But what I'll what I'll do up following that as I'll like a row Read line just pipe that into a while loop and then I'll do get show. I think it's no page or something And it'll yell at me if I'm wrong. Yeah, what is that in get show that doesn't paginate Sometimes it will just completely ignore it No, breathe All right, I'm gonna abort that mission We can just like we don't need that that argument I may be thinking of a completely different command who knows or no page or whatever But yeah, sometimes you can just pipe it all out and give that to less or whatever you want to do And you can just try and find like okay Here's everything in green or red that they actually modified or added in the repository By just using that Shot one ID all along another cool thing is get grep like if we wanted to get grep for password You could track down like okay Where was it? wherever in whatever many cases and that's a good way to just search for a specific thing in Wherever you are in your repository, whatever branch or whatever Commit message you're looking at etc. So keep those in mind But this challenge was just about checking out the different branches that you can access within that get repository. So Keep note of bandit 30 Again, we've got that password saved and now we can move on to that in the next video. So cool I want to give a small plug for the discord server that we just recently got started up After a stream that I tried for the first time this weekend It's a lot of cool people just kind of joking around having a great time jamming out talking about cyber talking about Programming talking about CTFs and hacking stuff So if you want to be part of that scene you want to hang out with other people that throw out memes and talk about code every now and again It's it's pretty cool. So please come chime in and we'll go through some more challenges and do it for real Along with that I want to give a special shout out to my supporters people that are giving me some love on patreon I cannot say thank you enough especially because this list is getting a little bit longer And it's it's really incredible to see you guys pour some love into this because I'm so so grateful You're willing to go on this adventure with me Thanks so much one dollar on patreon will give you a shout out just like this at the end of every video $5 a month on patreon will give you early access to any of the videos that I record Because normally I record in bulk and I'll release them slowly Uh, and youtube will just gradually deploy them one after another like day by day But if you want them all at once when the video is ready, uh, just five dollars a month that all takes Hey, if you did like this video, please do press that like button Maybe leave me a comment if you're willing if you're subscribed if you want to or and uh, check us out on discord Check me out on patreon go to my website John Hammond do all the cool sharing. Thanks. Thanks guys. See you next video