Committed Writeup - TryHackMe

Photo by Yancy Min on Unsplash

Committed Writeup - TryHackMe


2 min read

๐Ÿ‘‹ Introduction

Hi there!, Committed is a room created by Cmnatic in TryHackme Rated as Easy . Its actually quite simple if you have used git before. Without Further Ado lets Start!

๐Ÿ” Enumeration

Honestly, there isn't much to enumerate here as the files we need to are stored in the attack box.
So Deploy the machine and Press the 'Show split screen' button in the top right corner.

As the TryHackMe room says there is a ZIP file in /home/ubuntu/commited directory. unzipping it,
we are give two files - and This looks to be git folder since it has
.git directory.

The Python file:

This appears to be a script to connect to Mysql. but we are not given the credentials.

Checking Git branches:

If you don't know yet, here is a good blog post explaining what git branches are. We can list for all git branches using the command:

git branch -a

where '-a' is used to list local and remote branches.

This returns two Branches. master branch and "dbint" branch. The one branch marked with star symbol(*) is where we are at.

We can check for all the Commit history with the command:

git log

This returns all the Commit logs for the current Branch.

We can check for each Commit with the command:

git show <hash-value>

The first branch doesn't give us any Real output after checking each commit. and nothing seems suspicious.Lets move on
to the second branch.

git log dbint

We can see one Odd commit straight away commented as 'oops'. That might mean the commit contains a mistake done by the developer. Lets check it out.

We staight away sees the flag. That means this writeup is over.