picoCTF General Skills Guide

here's how to solve Time Machine

Back to the Bandit Guides

Time Machine

Description: What was I last working on? I remember writing a note to help me remember... You can download the challenge files here: challenge.zip
Author: Jeffery John
Tags: Easy, General Skills, picoCTF 2024, browser_webshell_solvable, git
Hints: 1. The cat command will let you read a file, but that won't help you here! 2. Read the chapter on Git from the picoPrimer here. 3. When committing a file with git, a message can (and should) be included.
Files: challenge.zip

Theory

According to the description, to get the flag we have to look at the history of a git, maybe it's an older commit or something where we'll use git log. The description doesn't tell us much more than that, So let's start solving this.

$ git log

Solution

First we will download the file into our shell. For this we'll use the wget command which downloads any file or HTML file of a website:

shukularuni-picoctf@webshell:~$ wget https://artifacts.picoctf.net/c_titan/161/challenge.zip
--2024-12-22 16:12:32--  https://artifacts.picoctf.net/c_titan/161/challenge.zip
Resolving artifacts.picoctf.net (artifacts.picoctf.net)... 3.160.22.92, 3.160.22.43, 3.160.22.128, ...
Connecting to artifacts.picoctf.net (artifacts.picoctf.net)|3.160.22.92|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 17739 (17K) [application/octet-stream]
Saving to: 'challenge.zip'

challenge.zip  100%[=================================================================================================================================================================>]  17.32K  --.-KB/s    in 0.005s  

2024-12-22 16:12:32 (3.69 MB/s) - 'challenge.zip' saved [17739/17739]

shukularuni-picoctf@webshell:~$ ls
README.txt  challenge.zip

Now that we have the file let's unzip it and look inside:

shukularuni-picoctf@webshell:~$ unzip challenge.zip
Archive:  challenge.zip
   creating: drop-in/
  inflating: drop-in/message.txt
...
  inflating: drop-in/.git/logs/refs/heads/master  

shukularuni-picoctf@webshell:~$ ls
README.txt  challenge.zip  drop-in

So it looks like it's a folder called "drop-in", now we'll use git to look at the log inside of this drop-in git:

shukularuni-picoctf@webshell:~$ cd drop-in

shukularuni-picoctf@webshell:~/drop-in$ ls
message.txt

shukularuni-picoctf@webshell:~/drop-in$ cat message.txt
This is what I was working on, but I'd need to look at my commit history to know why...

That's the same message from the task description, not very helpful. Now for real lets use the git command to see what we find in the log:

shukularuni-picoctf@webshell:~/drop-in$ git log
commit 10228f3d6437701ef5aaac04213757031f30ebec (HEAD -> master)
Author: picoCTF <ops@picoctf.com>
Date:   Tue Mar 12 00:07:24 2024 +0000

    picoCTF{t1m3m@ch1n3_8defe16a}
(END)

There we go! That's the flag. Now you can delete the drop in folder if you don't want your webshell filling up with files from challenges, using `rm` to remove files and `rm -r` to remove folders:

shukularuni-picoctf@webshell:~/drop-in$ cd ..

shukularuni-picoctf@webshell:~$ rm challenge.zip

shukularuni-picoctf@webshell:~$ rm -r drop-in

shukularuni-picoctf@webshell:~$ ls
README.txt

If while removing the folder it says something in the lines of removing a write-protected file, just spam the "y" letter until they stop.

https://play.picoctf.org/practice/challenge/425

Explore My Website