Commitment

点击此处获得更好的阅读体验

---

WriteUp来源

https://dunsp4rce.github.io/csictf-2020/osint/2020/07/22/Commitment.html

by vishalananth

题目描述

hoshimaseok is up to no good. Track him down.

题目考点

解题思路

We open sherlock and search for the given username

python3 sherlock hoshimaseok

We get lots of useful results from Facebook, Github, Instagram, Reddit and Twitter. We check them one by one to eliminate false positives and end up with the Github account: https://github.com/hoshimaseok(in hindsight the challenge name is a clue :P). We see a repo named SomethingFishy and we look into the commit history. We check them one by one and we see a commit message feat: Looking for flag?. Looking at that we see a lot of hebrew text which sadly was a distraction and did'nt give us any useful information. Looking into the other commits we see that the commit fix: userSchema.js fix has a deleted .env file with the flag.

Flag

csictf{sc4r3d_0f_c0mm1tm3nt}