Lots of logs Writeup
Sdctf 2022
Solved By : thewhiteh4t
The blog contains links to 3 log files. As per hints in challenge description we are supposed to find more log files and as an assumption one of them will contain the flag
On the basis of the URL of the 3 available log files I created a small custom wordlist :
> cat wordlist.txt
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
Mon.log
Tue.log
Wed.log
Thu.log
Thur.log
Fri.log
Sat.log
Sun.log
then I used ffuf
to fuzz the challenge site to find more logs…
ffuf -w wordlist.txt -u https://logs.sdc.tf/logs/FUZZ -recursion -recursion-depth 5 -o results.txt -of csv
in the result I gathered over 1900 logs!
After this I attempted to curl them and find sdctf
in them but it did not work so flag wasn’t available directly. Then I downloaded all available logs 😞 using wget
After wasting some hours :
grep -vrnw "SELL\|FIN\|PROC\|LOG\|PROF" .
so -v
is used for invert grep, I used it because I was looking for unusual stuff, if you look at the log most of them have these keywords like SELL etc which were normal text
so here we can see that some of the bash history is leaked
nc logger.sdc.tf 1338
and a password
82d192aa35a6298997e9456cb3a0b5dd92e4d6411c56af2169bed167b53f38d