Committed TryHackMe walkthrough.

introduction

Hello guys back again with another walkthrough of Committed from TryHackMe. The walkthrough will be short this time. We are required to do some forensics on a git repository nothing too fancy but it teaches an important lesson. We first start a machine and download a zip file. Extract the entire contents then I’ll use on of the subtools of gitTools to get a copy of all the commits and grep for the flag. Without much say let’s jump in.

When we start the machine we get a system with the file that we need analyzed. It’s in a zip file called commited.zip.

I wanted to download the files to my machine and for this to happen i needed to know the ip address of the spawned system. I used the command

ip a

To get the IP Address of the system.

The IP Address was 10.10.217.58. Next step was to set up a web server on the remote system and given python was installed I used http.server library to set up a simple web server.

Sweet now we have the files on our system the next step was to extract the contents from the zip

I used the command

unzip commited.zip

Looking at the extracted contents we have a .git directory. I used a tool called gitTools to extract the commits from the .git directory. I copied the subtool extractor top my current working directory

Then to extract all the commits i used the following command

bash extractor.sh commited extract

Looking at the screenshot below we successfully extracted all the commits

Next i just used grep to find the flag

grep -Ri "thm\|flag" .

Looking at the screenshot below we get the flag. We can now submit it and get the points

Hope you liked the walkthrough if so clap for me down below and follow me so that you won’t miss any upcoming walkthrough