Information
Room
- Name: Git Happens
- Profile: tryhackme.com
- Difficulty: Easy
- Description: Boss wanted me to create a prototype, so here it is! We even used something called "version control" that made deploying this really easy!
Write-up
Overview
Install tools used in this WU on BlackArch Linux:
$ sudo pacman -S nmap gittools
Network enumeration
Nmap service and port enumeration scan:
# Nmap 7.93 scan initiated Mon Apr 10 20:25:51 2023 as: nmap -sSVC -T4 -p- -v --open --reason -oA nmap 10.10.47.113
There is only a web application.
Web discovery
The nmap script http-git already found there is a git repository exposed.
We can dump it with gittools.
$ gittools-gitdumper http://10.10.47.113/.git/ git-repo
Then we can check the commit history to see if there is something juicy.
$ git log -p
There are two interesting commits containing the password hash of the admin:
$ git log -p d954a99b96ff11c37a558a5d93ce52d0f3702a7d
There are also two with the password in cleartext:
$ git log -p e56eaa8e29b589976f33d76bc58a0c4dfb9315b1
And that's all, the room was just about finding the password.
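From the defender's side, the same `git log -p` review can be automated before a repository is deployed. The script below is an added example, not part of the original write-up: it parses `git log -p` output and reports added or removed lines that look like credentials. The sample log and the two detection patterns are constructed assumptions, not data from the room.

```python
import re
import sys

# Constructed `git log -p` output for illustration; not from the room's repository.
SAMPLE_LOG = '''\
commit 1111111111111111111111111111111111111111
Author: dev <dev@example.invalid>

    Compare a hash instead of the cleartext password

diff --git a/index.html b/index.html
--- a/index.html
+++ b/index.html
@@ -10,3 +10,3 @@
     let username = form.username.value;
-    if (password === "example-cleartext") {
+    if (hash(password) === "0123456789abcdef0123456789abcdef") {
     }
'''

COMMIT = re.compile(r"^commit ([0-9a-f]{7,64})")
RULES = [  # heuristic patterns (assumptions); tune them for your code base
    ("credential literal", re.compile(
        r"(pass(word|wd)?|secret|token|api_?key)\s*(===?|[:=])\s*[\"'][^\"']+[\"']", re.I)),
    ("hash-like hex string", re.compile(r"\b[0-9a-f]{32,128}\b", re.I)),
]

def scan_history(log_text):
    """Return (commit, file, change, rule, text) for each suspicious diff line."""
    findings, commit, path = [], None, None
    for line in log_text.splitlines():
        m = COMMIT.match(line)
        if m:
            commit = m.group(1)
        elif line.startswith(("--- ", "+++ ")):  # file headers, not content
            if line[4:] != "/dev/null":
                path = line[6:]  # drop the "a/" or "b/" prefix
        elif line.startswith(("+", "-")):
            change = "added" if line[0] == "+" else "removed"
            for rule, pattern in RULES:
                if pattern.search(line[1:]):
                    findings.append((commit, path, change, rule, line[1:].strip()))
                    break  # one finding per line is enough
    return findings

if __name__ == "__main__":
    # Pipe real history in (git log -p --all | python3 scan.py) or run bare for the sample.
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    for finding in scan_history(text):
        print(" | ".join(map(str, finding)))
```

A secret removed in a later commit still shows up as a "removed" finding, which is why it has to be rotated and not just deleted from the working tree.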