iT邦幫忙

2024 iThome 鐵人賽
DAY 2
0
Security

picoCTF系列 第 2

[Day 2] Collaborative Development

16th鐵人賽
166 瀏覽

  • 分享至 

  • xImage
    •  

一次小試身手,題目有關於 git 指令。
看到問題,題目想要問將每個人新增的東西結合起來會怎麼樣,並且給了很多關於 git 的提示。
https://ithelp.ithome.com.tw/upload/images/20240806/20168342OwpZHVQkmC.png
hint 1:git branch -a will let you see available branches
hint 2 :How can file 'diffs' be brought to the main branch? Don't forget to git config!
hint 3:Merge conflicts can be tricky! Try a text editor like nano, emacs, or vim.

首先,我們先看到下載了甚麼東西。發現得到一個壓縮檔,叫做 challenge.zip。

$ ls -l
total 32
-rwxrwxr-x 1 s109056003 s109056003 24640  七  27 21:19 challenge.zip

使用 chmod 給予壓縮檔執行權限,再來解壓縮,會出現一個 drop-in 的檔案。

$ chmod +x challenge.zip 
$ unzip challenge.zip 
Archive:  challenge.zip
   creating: drop-in/
   creating: drop-in/.git/
   creating: drop-in/.git/branches/
  inflating: drop-in/.git/description  
   creating: drop-in/.git/hooks/
  inflating: drop-in/.git/hooks/applypatch-msg.sample  
  inflating: drop-in/.git/hooks/commit-msg.sample  
  inflating: drop-in/.git/hooks/fsmonitor-watchman.sample  
  inflating: drop-in/.git/hooks/post-update.sample  
  inflating: drop-in/.git/hooks/pre-applypatch.sample  
  inflating: drop-in/.git/hooks/pre-commit.sample  
  inflating: drop-in/.git/hooks/pre-merge-commit.sample  
  inflating: drop-in/.git/hooks/pre-push.sample  
  inflating: drop-in/.git/hooks/pre-rebase.sample  
  inflating: drop-in/.git/hooks/pre-receive.sample  
  inflating: drop-in/.git/hooks/prepare-commit-msg.sample  
  inflating: drop-in/.git/hooks/update.sample  
   creating: drop-in/.git/info/
  inflating: drop-in/.git/info/exclude  
   creating: drop-in/.git/refs/
   creating: drop-in/.git/refs/heads/
 extracting: drop-in/.git/refs/heads/main  
   creating: drop-in/.git/refs/heads/feature/
 extracting: drop-in/.git/refs/heads/feature/part-1  
 extracting: drop-in/.git/refs/heads/feature/part-2  
 extracting: drop-in/.git/refs/heads/feature/part-3  
   creating: drop-in/.git/refs/tags/
 extracting: drop-in/.git/HEAD       
  inflating: drop-in/.git/config     
   creating: drop-in/.git/objects/
   creating: drop-in/.git/objects/pack/
   creating: drop-in/.git/objects/info/
   creating: drop-in/.git/objects/77/
 extracting: drop-in/.git/objects/77/d6ceca6fe23b57d88cf16f20003e10d6715690  
   creating: drop-in/.git/objects/b9/
 extracting: drop-in/.git/objects/b9/32e8c048154a46d224cd7691c99dc8cb88164a  
   creating: drop-in/.git/objects/22/
 extracting: drop-in/.git/objects/22/58a0f267d57e8b6025e2a020b77fac7a553c92  
   creating: drop-in/.git/objects/6e/
 extracting: drop-in/.git/objects/6e/17fb3a35364b4f9bb8bef8b5e6a5af2d3e7dfa  
   creating: drop-in/.git/objects/43/
 extracting: drop-in/.git/objects/43/e44dd37ba0c0adc3d78d0b85d699859ec8d75c  
   creating: drop-in/.git/objects/8e/
 extracting: drop-in/.git/objects/8e/ea0627726fc363246015cb4c7e927e70286e87  
   creating: drop-in/.git/objects/7a/
 extracting: drop-in/.git/objects/7a/b4e25c0cd108374b2275fdb1fcdf635e591833  
   creating: drop-in/.git/objects/d1/
 extracting: drop-in/.git/objects/d1/f3407cee4479c075997b497fa290ca636fe258  
   creating: drop-in/.git/objects/05/
 extracting: drop-in/.git/objects/05/db9e274ff691e0f9fb492403b570629eb80aa9  
   creating: drop-in/.git/objects/4f/
 extracting: drop-in/.git/objects/4f/136da027f9a97032d53dd5f667dd6c7852737c  
   creating: drop-in/.git/objects/dd/
 extracting: drop-in/.git/objects/dd/f6fd2129098bf677ac010259a2a642060aea47  
   creating: drop-in/.git/objects/65/
 extracting: drop-in/.git/objects/65/5c7bfebe9c221369ab00ac7374d0d4bd4d62a9  
  inflating: drop-in/.git/index      
 extracting: drop-in/.git/COMMIT_EDITMSG  
   creating: drop-in/.git/logs/
  inflating: drop-in/.git/logs/HEAD  
   creating: drop-in/.git/logs/refs/
   creating: drop-in/.git/logs/refs/heads/
  inflating: drop-in/.git/logs/refs/heads/main  
   creating: drop-in/.git/logs/refs/heads/feature/
  inflating: drop-in/.git/logs/refs/heads/feature/part-1  
  inflating: drop-in/.git/logs/refs/heads/feature/part-2  
  inflating: drop-in/.git/logs/refs/heads/feature/part-3  
  inflating: drop-in/flag.py

接著使用 ls -R ,這個指令的意思是,將資料夾底下的檔案夾逐一顯示,看到 drop-in 資料夾中有一個 flag.py。

$ ls -R
.:
challenge.zip  drop-in  step.txt

./drop-in:
flag.py

然後,我們使用 cat 檢視 flag.py,但是沒有看到 flag 的資訊。

$ cd drop-in/
$ cat flag.py
print("Printing the flag...")

於是想起 hint,提示有給 git branch -a 使用這個指令,可以知道我們現在在哪個分支。( 其實在解壓縮 challange.zip 時,也能看到有三個分支 )

使用 git branch -a,我們可以看到現在在 main 底下,並且有 3 個分支。

$ git branch -a
  feature/part-1
  feature/part-2
  feature/part-3
* main

於是使用 git checkout ,更改所在的分支,並且逐一將每個分支底下的 flag 結合,就可以得到 flag 了。

當然您也可以使用 merge,但是提示說可能會比較麻煩,因此在這裡我選擇一一將 flag 合併就好了。

$ git checkout feature/part-1; cat flag.py
Already on 'feature/part-1'
print("Printing the flag...")
print("picoCTF{t3@mw0rk_", end='')

$ git checkout feature/part-2; cat flag.py
Switched to branch 'feature/part-2'
print("Printing the flag...")

print("m@k3s_th3_dr3@m_", end='')

$ git checkout feature/part-3; cat flag.py
Switched to branch 'feature/part-3'
print("Printing the flag...")

print("w0rk_6c06cec1}")

總結:
我們學習了使用 git 指令來管理分支並解決合併衝突,並且通過切換分支並合併 flag.py 的內容,我們成功找到了 flag。


上一篇
[Day 1] 前言 & 介紹
下一篇
[Day 3] Verify
系列文
picoCTF30
  1. 26
    [Day 26] heap2
  2. 27
    [Day 27] format string 2
  3. 28
    [Day 28] Mob psycho
  4. 29
    [Day 29] rsa_oracle
  5. 30
    [Day 30] Classic Crackme 0x100
完整目錄
圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言
iThome鐵人賽
參賽組數
1064
團體組數
40
累計文章數
22189
完賽人數
602
iT+看影片追技術 看影片追技術 看更多
熱門tag 看更多
15th鐵人賽 16th鐵人賽 13th鐵人賽 14th鐵人賽 12th鐵人賽 11th鐵人賽 鐵人賽 2019鐵人賽 javascript 2018鐵人賽 python 2017鐵人賽 windows php c# windows server linux css react vue.js
熱門問題
熱門回答
熱門文章
IT邦幫忙