HTB Illumination Challenge Walkthrough
Walkthrough of the Illumination challenge on Hack The Box.
HTB WALKTHROUGHS
Challenge: Illumination
Difficulty: Easy
The user rating for this challenge was "piece of cake" mainly.
The description for this challenge was the following: A Junior Developer just switched to a new source control platform. Can you find the secret token?
Firstly, after downloading the files and unzipping the folder you want to go into the Illumination directory. When you first look at it you see the bot.js and config.json files.
When you run the command ls -a (-a is used to list all entries) you can see that a .git entry appears.
cd .git makes you enter the directory and view the content. By looking at the content, the most likely place to hold the secret token would be the logs, so you enter that one.
After navigating through the folders you will reach one file called "heads" and this is the content within. If you navigate through the hashed data you can see the comments made by the junior developer.
If you run the command git log you can see all the comments without an issue.
After you run the command, it will display the records of the commit in a Git repository.
The second commit, starting with 4724, mentions removing the unique token.
Copy that number and create a text file, I named my file "flag".
Finally, after saving the txt file with the commit, you run the command base64 --decode flag.txt
And you captured the flag!
