Skip to main content

Dockerflag

Challenge Overview

We received a tar archive containing multiple tar.gz files. After extraction, we obtained a copy of a Docker image for a Flask project.

Analysis & Solution

  1. Extracted all archives to reconstruct the Docker image filesystem.
  2. Navigated to the app folder, which contained a basic Flask project under git version control.
  3. Noticed that the .git directory was present, but the HEAD file was missing.
    • Manually recreated .git/HEAD with the content: 
      ref: refs/heads/main
  4. Ran git log and observed several commits. One commit stood out:
    • Commit message: "Last commit before week-end !"
    • Other commits had descriptive messages about added features.
  5. Checked out the suspicious commit: 
    git checkout <commit-hash>
  6. Found a .env file present at this commit, which contained the flag.

Flag:

404CTF{492f3f38d6b5d3ca859514e250e25ba65935bcdd9f4f40c124b773fe536fee7d}