Description

The first part of the e-mail address of this GitHub user is the password that will open the file below. (Use only the part before @) The password that is in that file will open the next level.

NOTE: DO NOT contact this GitHub user for any hints or your account/IP will be blocked!

Attachments

🗎 Download File

🗎 Mirror

Instructions

Type password from the file.

Solution

So we have to find the first part of the e-mail address of the GitHub user angularjs-gdit in order to open the password-protected Microsoft Word document (docx) file.

Visiting the GitHub profile, we can see the user is not displaying their e-mail address in the profile section.

GitHub Profile

The next step is to search the e-mail address of the user in the public repos, commits, issues, and pull requests.

I found one interesting repository, angularjs-gdit/slideshow , which contains a PowerPoint presentation file (pptx) named angularjs.pptx . But, no e-mail address was found in the file.

pptx

When I checked the commits of the latest repository, also no e-mail address was found in the commit messages. Usually some developers sign their commits with their e-mail address using the -s flag (e.g. git commit -s -m "commit message") these features are using GPG keys to sign the commits.

commits

I also checked the issues and pull requests, but no e-mail address was found.

Then, I remembered that GitHub has a feature that allows users to check commit patches. So to view the patch of the latest commit, I visited the latest commit page and added .patch at the end of the URL.

https://github.com/angularjs-gdit/example-01-helloworld/commit/4243528ac995e2bb717eed82b06fea620ab7f0f2.patch

patch

And there it is, the e-mail address of the user is [email protected]. But we only need the first part of the e-mail address, which is pt103368.

Another way to find the e-mail address is by using the git log command. First, clone the repository using the following command.

git clone https://github.com/angularjs-gdit/example-01-helloworld.git

git clone 1

git clone 2

Then navigate to the cloned repository

cd example-01-helloworld

and use the following command to view the commit history.

git log

git log 1

or to view it in a specific format, you can use the following command.

git log --pretty=format:"%h %an %ae" -1

git log 2

The command above will display the commit hash, author name, and author e-mail address of the latest commit.

So we got the first part of the e-mail address, which is pt103368. Now we can use it to open the password-protected Microsoft Word document (docx) file.

docx

When the file is opened, we can see the password to open the next level.

Extras

Tools

For GitHub OSINT stuff I made a script/tools to automate the process, you can find it here . It’s called ghosint which the name is coming from “GitHub OSINT”. It’s a simple Python script that uses the GitHub API to gather information about a user or an organization. This tools requires a GitHub API token to work.

Features

The information that can be gathered are:
  • Basic Information
    • Username
    • Name
    • ID
    • Node ID
    • Avatar URL
    • Location
    • Bio
    • Company
    • Hireable
    • Organizations
    • Followers
    • Following
    • Type
    • Created
    • Updated
  • Socials
    • Email (Public)
    • Email (Commit)
    • Gravatar ID
    • Blog
    • GitHub Pages
    • Twitter
    • Facebook
    • Instagram
    • Linkedin
    • Mastodon
    • Reddit
    • Twitch
    • Youtube
    • Hometown
    • Generic (Custom)
  • User Credentials
    • Public PGP/GPG Key
    • Public SSH Key
  • Repos Information
    • Public Repos
    • Public Gists
    • GitHub Gist
  • Latest Commit
    • Latest Commit Hash
    • Commit Message
    • Commit URL
    • Commit API URL

Screenshots

ghosint

For more information about the script, you can visit the GitHub repository .

Flag/Password

Show

s00rcing

References