We are given log.txt that contains the full commit history of the flag-containing repository. We are also given the content of the only file, namely flag.txt, for the first three commits. Also, three characters are filled in each subsequent commit. The objective is to recover the flag.

I was playing Union CTF with @blackb6a last week. Since this CTF is prepared by cr0wn where Jack and hyperreality were in (they made CryptoHack), I am convinced that the CTF will be fun. Turns out I wasn’t disappointed at all. I will be writing three or four posts on the challenges, and the first of the series covers on exah, the reversing challenge I spent most of my time (yet not solving it).