If not, in a Web browser, go to
Enter your email. Follow the on-screen process to create an account, as shown below.
git config --global user.name your-name git config --global user.email your-email
To see the contents of the folder, execute this command:mkdir testr cd testr echo A > FileA.txt echo B > FileB.txt
You see the two files "FileA.txt" and "FileB.txt", as well as the two system-generated files "." and "..", as shown below.ls -al
This creates a ".git" directory, but it does not add the files to it, as shown below.git init git status
Execute these commands:
This adds the files to your local git repository, as shown below.git add -A git status git commit -m "First Commit" git status
Log in to GitHub, if you haven't already.
Click the green New button, as shown below.
Name your repository testr, as shown below.
Accept the default values and, at the bottom, click the green "Create repository" button.
The next page shows the URL of your repository, outlined in red in the image below. Copy this URL to the clipboard.
Enter your username and password when you are prompted to.git push https://github.com/cnit123e/testr.git master
This uploads the files to GitHub, as shown below.
The files appear, as shown below.
Execute these commands, replacing the URL with the URL of your repository.
The files are uploaded, as shown below.echo SECRETS > secrets.txt git add -A git commit -m "Second commit" git push https://github.com/cnit123e/testr.git master
The secrets.txt file appears, as shown below.
Click secrets.txt to see its contents.
This is bad--that file is visible to anyone, since this is a default Public repository.
The files are uploaded, as shown below.rm secrets.txt git add -A git commit -m "Third commit" git push https://github.com/cnit123e/testr.git master
Refresh the GitHub page.
The secrets.txt file is gone, as shown below.
This appears to have fixed the problem, but it hasn't, because that file can still be retrieved from GitHub.
You see the three commits, named "Third commit", "Second commit", and "First commit", as shown below.cd mkdir testr2 cd testr2 git clone https://github.com/cnit123e/testr.git cd testr git log
Highlight the hash value of the "Second commit", outlined in red in the image above, and copy it to the clipboard.
Execute these commands, replacing the hash value with the hash value you just copied:
The secret file is revealed, as shown below.q git checkout 5dcf1a0372bc5b0b517faaecf8e65aff5cf652a1 ls cat secrets.txt
IR 450.1: State (10 pts)
The flag is covered by a green rectangle in the image below.
If you see a version number, as shown below, you have Java.java --version
If you need to install Java, see Oracle's mind-boggling instructions here:
https://rtyley.github.io/bfg-repo-cleaner/
Click the "Download v1.13.0" button, as shown below.
Then delete the secrets.txt file from all commits in your repository with these commands, replacing the URL with the URL of your repository:
cd cd Downloads git clone --mirror https://github.com/cnit123e/testr.git java -jar bfg-1.13.0.jar --delete-files secrets.txt testr.git cd testr.git git reflog expire --expire=now --all git gc --prune=now --aggressive git push
IR 450.2: Update (10 pts)
The flag is covered by a green rectangle in the image below.
Find the hash for the "Second commit" and use it in the appropriate command below.cd mkdir testr3 cd testr3 git clone https://github.com/cnit123e/testr.git cd testr git log
The secrets.txt file is gone, as shown below.git checkout e88cb745e3627dd005ba1a03ab700bb8bfad9edc ls
IR 450.3-5: Hidden Flags (25 pts)
Find flags in this repository:https://github.com/cnit123e/challenge.git
Hint: this may help.
- IR 450.3: ART FLAG (10 pts)
- IR 450.4: WEAK FLAG (10 pts)
- IR 450.5: SUPER FLAG (15 pts)
Posted 11-18-20