TryHackMe: Git Happens Walkthrough

Sakshi Aggarwal
3 min readOct 23, 2020


The only task in this room is to capture the flag. Deploy the machine.

Start gathering information. It is a good practice to start with the port scan. Nmap tool can be used for port scanning. The command I used is: nmap -sSV -sC machine_IP_address

  • -sSV is used to service and version scan
  • -sC is used to default script scan

The scan results shows that the http service is running on port 80 and a git repository is found at MACHINE_IP_ADDRESS:80/.git

Visit at MACHINE_IP_ADDRESS by simply typing IP address in browser. A login page appears.


The page shows some folders, it is an exposed git directory. We cannot check each and every folder individually.

GitTools can be very helpful. It contains a script which can be used to pull and copy the git repository to our local machine. We can install GitTools by using the command: git clone

After successfully installing the GitTools find the path to the

Now, use the command:

./ http://MACHINE_IP_ADDRESS/.git clone

The command above will copy the git repository to our local system. A folder named ‘clone’ will be created in the current directory in which we are.

Navigate to the clone folder.

Check the status of the repository using the command git status. It will display what changes have been made in the repository since it was created.

Check if there is something in logs. Use the command git log.

Found a commit which was made on 23rd july and which says that ‘Made the login page, boss!’. This can be of our use because when we started with this room we encountered login page.

Use git show commit_id command to see what was committed. Explore the code.

And here I found the Username and password. And password is our flag.

Thank you for reading!!!

Keep learning…



Sakshi Aggarwal

Digital forensics enthusiast | Cyber security | Bug hunter | Java | Python | Analyzer