- In the realm of SSL certificates, the potential for attackers to gather substantial information through passive means is significant. This includes uncovering subdomains, mapping networks, checking assets and services. Your assignment involves retrieving the postal code and serial number linked to certification ID 7969287 and specified flag values.
- flag format: BAU{postalCode_serialNumber_flag1_flag2}
- Note: in order to retrieve the postal code and serial number linked to certification ID 7969287 you need to find the correct website
- download the following text file:
repo.txt
- when we download the
repo.txtand open it I found a suspicious texts patterns - {LOL_YOU_THOUGHT_YOU_FOUND_ME}
- as the question name suggests repo related to repository this is the folder name in GitHub so I’ll search for the founded text
{LOL_YOU_THOUGHT_YOU_FOUND_ME}as a repository in GitHub - Let’s download the repository and check it’s contents →
git clonehttps://github.com/sameerfakhoury/-LOL_YOU_THOUGHT_YOU_FOUND_ME-.git - let’s discover this repository
- as we see there are many
flags.txt - let’s use
grepcommand to check flag keyword →grep -i -r "flag" . - as we see almost all of them have
flagkeyword - make opposite of
step5and checknon flag→grep -i -r -v "flag" . - we have
flag1valueDelaware - going to the other folder called
otherswe have tow files - check the
http.txtfile - we have many lines of random text
- let’s search for
httpofcertificatekeyword as the question want things related to SSL certificate also checking the note in the question → Note: in order to retrieve the postal code and serial number linked to certification ID 7969287 you need to find the correct website - we got a website link related to SSL certifications →
https:crt.sh - open the following website
https:crt.shand check thepostalCodeandserialNumbervalues for the ID7969287 postalCodeandserialNumbervalues are →10043_2154254- going back to the GitHub repository let’s check the history section
- check each change commits one by one
- in the second one
- we got flag2 value
olbgt BAU{10043_2154254_Delaware_olbgt}
