976fda49557dcb8655a99dd16cd0dd68fecbcdb1
projects/hackthebox.md
... | ... | @@ -28,7 +28,7 @@ url: https://www.hackthebox.eu/invite |
28 | 28 | - copy invite code into input box and submit |
29 | 29 | |
30 | 30 | ## web |
31 | -### lernaean (20 pts) |
|
31 | +#### lernaean (20 pts) |
|
32 | 32 | - open url:port provided from instance |
33 | 33 | - proxy page through burpsuite |
34 | 34 | - submit password to see response |
... | ... | @@ -52,4 +52,21 @@ url: https://www.hackthebox.eu/invite |
52 | 52 | - check response in burp to find HTB flag |
53 | 53 | |
54 | 54 | ## misc |
55 | -### 0ld is g0ld |
|
55 | +#### 0ld is g0ld (10 pts) |
|
56 | +- download zip file |
|
57 | +- unzip a password protected pdf |
|
58 | +- use `pdfcrack` to bruteforce password |
|
59 | + ``` |
|
60 | + pdfcrack -f 0ld\ is\ g0ld.pdf -w /path/to/rockyou.txt |
|
61 | + ``` |
|
62 | +- open pdf with password |
|
63 | +- scroll to bottom and zoom in a lot to find morse code |
|
64 | + ``` |
|
65 | + .-. .---- .--. ... .- -- ..- ...-- .-.. -- ----- .-. ... ...-- |
|
66 | + ``` |
|
67 | +- translate code |
|
68 | + ``` |
|
69 | + R1PSAMU3LM0RS3 |
|
70 | + ``` |
|
71 | +- submit flag (wrap with HTB{<string>}) |
|
72 | + |