-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathHard
2 lines (2 loc) · 904 Bytes
/
Hard
1
2
Download print_me-protected.pdf file and run pdfcrack.The password is carrie05. Once we use password to open the pdf file we get a link to google drive.From there we can download hard.jpg
When we read the file name pass and upon highlighting we find some hidden test.There is an hint that says pass phrase for using steghide on jpg is plain sight signifying it could be an web page.using drive as passphrase on steghide tool we use on hard.jpg we get embed file out link to other drive link.In the file we find three files hard-protected.pdf,hard_2.pcapng,nm.By using the instructions given in nm we are asked to find out sender's ip - 10.0.2.15.we use this as password of hard-protected.pdf we get another link.On following the link we find other password protected file flag_-protected.pdf.Using john the ripper with rockyou.txt wordlist we find the password which is vritt1 and we find the flag{flag}