Point-of-Sale Password Recovery⚓︎
Help Sugarplum Mary in the Courtyard find the supervisor password for the point-of-sale terminal. What's the password?
Hey, wouldja' mind helping me get into my point-of-sale terminal?
It's down, and we kinda' need it running.
Problem is: it is asking for a password. I never set one!
Can you help me figure out what it is so I can get set up?
Shinny says this might be an Electron application.
Electron ASAR Extraction
It's possible to extract the source code from an Electron app.
Download the santa-shop.exe binary using the link provided on the santa-shop website. The
file command tells us it's a Windows executable (thanks Captain Obvious) and a Nullsoft Installer self-extracting archive, which means we can extract the contents using pretty much any capable archive manager. 7-Zip on Windows, Engrampa on Kali Linux, and The Unarchiver on macOS all work. Inside the binary you'll find a 7-zip archive named
app-64.7z. Extract that as well.
app.assar archive file is what we're looking for. While the hints provided by Sugarplum Mary point to a tool and a guide on how to extract these types of archives, all we really need is
grep -a pass app.asar to search for lines containing the string pass.
Asar file format
Asar is a simple extensive archive format, it works like tar that concatenates all files together without compression, while having random access support.
Concatenating plaintext and binary files together doesn't modify the data. In other words, because no compression is being applied, any plaintext information that goes into the Asar archive remains plaintext and will be searchable. The
-a parameter forces
grep to treat the whole file as ASCII text and print any matching lines to the command line.