Prompt

Analyze a git project and find some hidden flags. You can try to clone the repository but that might not work for you. If not, you'll need to find a way around it.

Walk-Through

This challenge hints at some kind of git repository with its name. If you are not familiar with git, it is a code version control system - think Google Drive (with revision history) but specifically designed to track code. You can interact with a git repository through a number of different ways - you can use the git command line utility or use a web browser if the git server provides a web interface. The most common implementations of git are Github and Gitlab.

Accessing the Repository Through the Command Line Interface (CLI)

To access it via a command line tool, you can install the git command line tool and issue the command:

git clone [git repository url]

This command will create a new directory in the current working directory with the same name as the repository name. From there, you can change into that directory to navigate around and inspect the files and revision history. A few good commands to know about git are the following:

git log - show a history log of all the commits (changes) made on the current branch
git log [branch name] - show a history log of all the commits on the target branch
git show [commit hash] - show the diff (specific addition/deletions) in that commit. The command hash is show in the git log command.
git branch - shows the different working branches (used to logically separate different works in progress)
git checkout [branch name] - switch to a different branch

Many times, git will show you the output in a paginated fashion, so you can use the up ⬆️ and down ⬇️ arrow keys on your keyboard to scroll. You can also press the space bar key to scroll to the next page. Once you are done viewing, press the q key on your keyboard to quit.

You can now use these commands to inspect the repository and answer the challenge questions!

Accessing the Repository Through the Browser (Web)

The provided git repository URL is in the form of: git@[hostname]:[username]/[repository name].git. To break it down:

the hostname of the server hosting a copy of the git repository
the username of the user that owns the repository
the repository name is the beginning/root of the repository

To access it via the browser, you can restructure the URL as a web URL which will generally have the convention of https://[hostname]/[username]/[repository name]. You can open your web browser and construct the URL to match that convention and navigate to it to begin exploring the repository with a more graphical user interface in lieu of using the command line based git tool.

Questions

What is the display name of the author of this git project?

CLI: Run git log and view the Author field

Web: Click on the “History” button which will show the author name

What is the short commit hash (first 8 characters) of the initial commit?

CLI: Run git log and press the space bar until you reach the end (or press shift + G to instantly scroll to the end) to find the hexadecimal hash digest for the very first commit and only copy the first 8 characters of the hash digest.

Web: Click on the “History” button which will show you a listing of all the commits, the short commit hash is shown on the right as the 8 character field.

What is flag #1?

CLI: Open the initial README.md file using the command: cat README.md

Web: On the initial page, the web interface should display the contents of README.md for you automatically

What is flag #2?

CLI: Run git branch to see what other branches exist and one of them will show a branch named flag2. Run git checkout flag2 to switch to the branch and then run ls to see flag2.txt as a new file on the branch. Open the file using cat. To switch back to the original branch, run git checkout master (most repos will use the default branch name of either master or main).

Web: Click on “2 branches” on the sidebar to see what other branches exist and one of them will show a branch named “flag2”, click on that branch to inspect its files. You will find a new file named flag2.txt on this branch, click on that file to view its contents. You can switch back to the default branch by clicking on “2 branches” in the sidebar again and selecting the default branch.

What is flag #3?

CLI: Open the flag3.txt file using the command: cat flag3.txt

Web: Click to open flag3.txt on the web interface

What is flag #4?

CLI: Run git log to find the commit hash with the associated commit message of “Added flag4” and then run git show [commit hash] to view the commit diff

Web: Click on the “History” button and then click on the commit with the commit message of “Added flag4” to view the commit diff

What is flag #5?

CLI: Run git log and you will find one of the commit messages indicate what flag 5 is.

Web: Click on the “History” button and for one of the commits, the commit message is truncated by the web interface, click on the ellipsis (three dots icon) to expand the commit message which will indicate what flag 5 is.