title: Welcome to Kara Org
date: Dec 25, 2022
tags: Writeup YogoshaChristmas_2022 Web
Difficulty: 500 points | 92 solves
Description: Welcome To Kara Organization! It's the Christmas so Konoha will let its guards down and we can take down the big threat Boruto! For that we need to prepare our forbidden jutsus. In Kara organization we are well secure, we have hidden some clues in this dockueru image shisuiyogo/christmas, can you retrieve them as your first mission ?
This challenge was the 1st step of the CTF. From the description, we know that we have to find a docker image. To do so, we can go to: https://hub.docker.com/r/<maintainer>/<image-name>
or directly pull shisuiyogo/christmas
.
docker pull shisuiyogo/christmas
Now that we have the docker image locally, it is possible to investigate into different layers using dive to dig into all the different layers.
What are docker layers?
Layers in docker context represent all the different step that the docker engine will make to generate a docker image based on a Dockerfile.
In order to go faster, I've just used the following command to retrieve all the layers data into one .tar
file:
docker save shisuiyogo/christmas -o yogo_christmas.tar
From this, the flag could be retrieved in the following file:
yogo_christmas.tar/26ca41e311fdd9587039634cc34f9876d781fe386c05ff21fca606d6673ca6ee/layer.tar/data/secret_note.txt
Flag: FLAG{Welcome_T0-The_XmAs_Chall}
🎉