Okay, we have a regular git repo, let's check it out
┌──[fey ☣️ ️ kali] ⚔ [master]
└[~/CHALLS/CTF/PHACK/FORENSIC/chall] = = = > ls
css img index.html
Let's check previous commits...
┌──[fey ☣️ ️ kali] ⚔ [master]
└[~/CHALLS/CTF/PHACK/FORENSIC/chall] = = = > git log
commit 44b17b5eda3a400ad82342a6a0961491d8e7955d (HEAD -> master)
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 21:14:20 2021 +0100
added certified logo, works like a charm !
commit c6de8812509608e205e993fc9b9602a7e5dd69ba
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:37:53 2021 +0100
add price selection (getting clooose to production)
commit 99793934d28cd71d60f0dbb48439e4706b38d326
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:31:06 2021 +0100
Fix form (was mess hehe) :wrench:
commit c942e9e5d4bbb17b7654d6b9bc1182908fb8fdce
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:16:12 2021 +0100
arff.. remove unused file
commit 996db5dfe7cdc8380e9847a34b4f53f437a13306
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:15:27 2021 +0100
add type dropdown
commit 57f0787df510bbb82dfd341e119aeeab1f4d6655
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:11:58 2021 +0100
add search form (without php yet..)
commit 3a3595c87e6c04050ecaa4074d2325138050338a
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:00:54 2021 +0100
white box form test v1
commit 9d59fe5e551337ea8bda9b60e86c00c1aa7d91dc
:
I tried everyone of them, but no flag...
Okay, maybe the flag is hide in another branch !
┌──[fey ☣️ ️ kali] ⚔ [master]
└[~/CHALLS/CTF/PHACK/FORENSIC/chall] = = = > git branch
* master
seachV2
search-engine
test-color
(END)
Let's checkout old commits of search-engine
┌──[fey ☣️ ️ kali] ⚔ [master]
└[~/CHALLS/CTF/PHACK/FORENSIC/chall] = = = > git checkout search-engine
Switched to branch 'search-engine'
┌──[fey ☣️ ️ kali] ⚔ [search-engine]
└[~/CHALLS/CTF/PHACK/FORENSIC/chall] = = = > git log
commit 3513108e6997b232cbaa41f7a22410a63898c776 (HEAD -> search-engine)
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:28:10 2021 +0100
Okk this isnt gonna work..
commit 651d24cba03bb8c5643fbe14fcd4b4f3bddb3bf0
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:27:35 2021 +0100
last input test (will work??)
commit 86bff6ce4bef509953c20794d933bd8a0086c760
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:23:19 2021 +0100
comment unused code seems to woork fine..
commit fe7ac25c2e6ecb9796e9ba786deb65f306ba3d23
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:21:26 2021 +0100
test php script ?
commit e1f929c6ba2e194922ca39b82586bc72917f1500
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:20:06 2021 +0100
commit before sleeep Zzzz
commit be1a3b445f0093762d57adf653c6ec5d69821491
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:16:12 2021 +0100
arff.. remove unused file
commit 69a0d84b9c1aacd625ca563cb33ba79da54bf70e
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:15:27 2021 +0100
add type dropdown
commit 57e7893941104d925430eee981c6e530b1c15ea6
Found an interesting commit
┌──[fey ☣️ ️ kali] ⚔ [search-engine]
└[~/CHALLS/CTF/PHACK/FORENSIC/chall] = = = > git show 651d24cba03bb8c5643fbe14fcd4b4f3bddb3bf0
commit 651d24cba03bb8c5643fbe14fcd4b4f3bddb3bf0
Author: Gerard Mensoif <gerard.mensoif@gmail.com>
Date: Mon Feb 1 19:27:35 2021 +0100
last input test (will work??)
diff --git a/search copy.php b/search copy.php
index d092734..c583de3 100644
--- a/search copy.php
+++ b/search copy.php
@@ -1,7 +1,10 @@
<?php
// if (isset($_POST['type']) && isset($_POST['??'])) {
+if (isset($_POST['type'])) {
echo "Ok!";
-// } else {
+} else {
echo "Ko!";
-// }
\ No newline at end of file
+}
+
+// PHACK{Z2l0IGNvbW1pdCAtbSAiRXogZ2l0IDp0YWRhOiI=}
\ No newline at end of file
(END)
And Done !