Official write-up for a challenge in NasCon CTF '23
Name
InfoLeak
Description
This guy freelanced for our company and disclosed one of our top-secret RSA encoding schemes somewhere in the wild. The only thing we know about him is his Instagram ID: @dingavinga. We need the exact link to where he posted the confidential scheme. (Format: https://{URL})
Hint
Repositories aren't the only place you can store code.
- Github Admin
Since this is an OSINT challenge, we can take just about any route to this challenge. However, we will be covering 2 of those.
We know with the problem statement that we need to find a piece of code since a whole "encoding scheme" was leaked. We also know the Instagram ID: dingavinga
The first step we take is visting the target's Instagram profile.
To our surprise, the profile is private and there is probably no way of accessing his posts. However, we stumble upon the name of the target- Abdullah.
Knowing that a piece of code was leaked, our best bet is GitHub. We search for dingavinga...
We notice the name and this is definitely not "Abdullah"'s profile. Maybe the username @dingavinga was taken at the time the target created his profile? We try and search for GitHub profiles keeping the keyword "dingavinga" in mind.
Woah! There's another profile with the username dingavinga1. We go ahead and open up this profile and... (skip route 2 to avoid suspense)
We go ahead and search for "dingavinga abdullah" on Google and get the following results.
Out of LinkedIn, SoundCloud and GitHub, which platform is perfect for leaking code? You guessed it- Github. We go ahead and click it and...
We've found our guy! Now all we have to do is search for rsa in his repositories. Unfortunately, we get "no results returned" :(
Just as we're about to lose all hope, a hint is uploaded (given above). The statement tries to derail us from our GitHub path. However, the last line says "Github Admin" which hints at the code being hidden on Github but not in a repository. As cyber-security professionals, we go to our best-friend ChatGPT and ask the question, "Where can you put code on Github while not using a repository?"
GitHub Gist? What the f**k is that? Anyway, we go ahead and look for Gists by dingavinga1 and we see a familiar word.
Yes!!! We're looking for an RSA scheme. This is an RSA scheme. The flag is the URL of the leaked code, so we copy the link https://gist.github.com/dingavinga1/a8b1b48dcd63bfb85f31c2e04037429e and to our surprise, it works!
All hints are not rabbit holes.