Home front-page port 80-shoopyu Illumination | HackTheBox | Forensics Challange
Post
Cancel

front-page port 80-shoopyu Illumination | HackTheBox | Forensics Challange

Posted Dec 10, 2022
By sujay adkesar
1 min read

Screenshot 2022-12-23 201912

Illumination

Files Provided

There’s only one file is provided which has sub directories as follows

1
2
3
4

|--Illumination.JS
   |-------.git
   |-------config.json
   |-------bot.js

ls -a

cat config.json

1
2
3
4
5
6
7

{
        "token": "Replace me with token when in use! Security Risk!",
        "prefix": "~",
        "lightNum": "1337",
        "username": "UmVkIEhlcnJpbmcsIHJlYWQgdGhlIEpTIGNhcmVmdWxseQ==",
        "host": "127.0.0.1"
}

Hmmm, that top line is interesting. The token has been replaced for a security risk. There is a chance a developer has left this in the git logs. That’s what we can look at next. To do this just traverse in the terminal into the folder holding the .git. This is what you’ll see when you use the command:

1

git log

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

commit edc5aabf933f6bb161ceca6cf7d0d2160ce333ec (er)
Author: SherlockSec <dan@lights.htb>
Date:   Fri May 31 14:16:43 2019 +0100

    Added some whitespace for readability!

commit 47241a47f62ada864ec74bd6dedc4d33f4374699
Author: SherlockSec <dan@lights.htb>
Date:   Fri May 31 12:00:54 2019 +0100

    Thanks to contributors, I removed the unique was a security risk. Thanks for reporting respons

commit ddc606f8fa05c363ea4de20f31834e97dd527381
Author: SherlockSec <dan@lights.htb>
Date:   Fri May 31 09:14:04 2019 +0100

    Added some more comments for the lovely contrnks for helping out!

commit 335d6cfe3cdc25b89cae81c50ffb957b86bf5a4a
Author: SherlockSec <dan@lights.htb>
Date:   Thu May 30 22:16:02 2019 +0100           
                                                 
    Moving to Git, first time using it. First Com

I tried with all and 2nd on looks intresting

1

git show 47241a47f62ada864ec74bd6dedc4d33f4374699

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

$ git show 47241a47f62ada864ec74bd6dedc4d33f4374699
commit 47241a47f62ada864ec74bd6dedc4d33f4374699
Author: SherlockSec <dan@lights.htb>
Date:   Fri May 31 12:00:54 2019 +0100

    Thanks to contributors, I removed the unique token as it was a security risk. Thanks for reporting responsibly!

diff --git a/config.json b/config.json
index 316dc21..6735aa6 100644
--- a/config.json
+++ b/config.json
@@ -1,6 +1,6 @@
 {
 
-       "token": "SFRCe3YzcnNpMG5fYzBudHIwbF9hbV9JX3JpZ2h0P30=",
+       "token": "Replace me with token when in use! Security Risk!",
        "prefix": "~",
        "lightNum": "1337",
        "username": "UmVkIEhlcnJpbmcsIHJlYWQgdGhlIEpTIGNhcmVmdWxseQ==",

Decode it through Base64 to get the flag!

Congragulations!!

Flag

HTB{v3rsi0n_c0ntr**************}

Write Up, HackTheBox
write up hackthebox ctf easy walkthrough web http sqli docker forensics github git json version-control shoppy machine
This post is licensed under CC BY 4.0 by the author.
Contents

front-page port 80-shoopyu Hackthebox University CTF 2022| Supernatural Hacks

photobomb Photobomb | HackTheBox | Machine