H4ck1ng G00gl3 ep004 challenge 03


Introduction

H4ck1ng G00gl3 is a series of security challenges published in October 2022 where the only way to win is to think like a hacker. In this post, I explain how I solved ep004 challenge 03. Category: Misc.

Learning Journey

In that challenge, we only have the hint. So, I went ahead to the webpage used in this episode. Next to the “FAQs” tab, I found the “Contributing” tab.

However, the tab isn’t clickable. Moreover, you have to be authenticated to access the URL https://vrp-website-web.h4ck.ctfcompetition.com/contributing. That was a minor inconvenience, but I remembered that the code in challenge two had some layouts of the different web pages. I returned to it and found the “contributing.hbs” inside the views folder.

This file explains how to get started contributing.

In theory, we only need to clone the repository, modify something, create a branch and push it. Cloning the repository works as expected, but pushing an empty branch will return an error.

Among the output, we can read: “remote: Skipping presubmit (enable via push option)”. I decided to enable the presubmit option and see what happens.

Now, the go command is not found. I installed it on my local machine, but nothing changed. It seems that the “build.sh” is executed on the server side, not the client side. So, I decided to read the script.

As we can see in the previous images, what it does is rather simple. The scripts initialize a couple of variables and print some information on the screen. However, notice the comment in the “configure_flags.sh”. We have to bump the version before pushing a new change. Hence, I created a new commit with a new version.

The output printed the new version “0.1.2”. What would happen if I tried to read the “flag” file? With that idea, I modified the script.

After creating another commit with this new change and executing the push, we can read the flag in the output. With that, we completed the challenge.
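
The root cause above is that the server runs a build script taken from the pushed commit. As an added example (not part of the original post or of the challenge's code), here is a sketch of a check a server-side hook could run before presubmit. The policy, the function names and the sample file lists are assumptions; only the script names "build.sh" and "configure_flags.sh" come from the challenge.

```shell
#!/bin/sh
# Added example: gate a server-side presubmit on what the push changed.
# Assumption: in a real hook the changed paths would come from
#   git diff --name-only "$old_rev" "$new_rev"
# Here they are read from stdin so the check can be exercised offline.

# Files the presubmit executes on the server (names from the write-up).
PROTECTED_PATHS="build.sh configure_flags.sh"

# touches_protected: read changed paths (one per line) on stdin and
# print every path that is one of the executed scripts, at the
# repository root or in any subdirectory.
touches_protected() {
    while IFS= read -r path || [ -n "$path" ]; do
        for p in $PROTECTED_PATHS; do
            case "$path" in
                "$p"|*/"$p") printf '%s\n' "$path" ;;
            esac
        done
    done
}

# presubmit_decision: print "hold-for-review" when the push edits a
# script the server would execute, otherwise "run-presubmit".
# Even in the "run-presubmit" case the hook should execute the copy of
# the scripts from the protected branch, in an environment that cannot
# read secrets, never the copy from the pushed commit.
presubmit_decision() {
    hits=$(touches_protected)
    if [ -n "$hits" ]; then
        echo "hold-for-review"
    else
        echo "run-presubmit"
    fi
}

# Constructed sample: file list of a push that edits the build script.
printf 'README.md\nbuild.sh\n' | presubmit_decision
```
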