Security WarGame By PAC Security
Security WarGame By PAC Security
So first of all I opened the link and it have the zip file I downloaded it and then try to open it.
It was password encrypted so I use john to decrypt it.
So here we can see that the password of the zip was password itself
Now I opened it .
It was containing a “pac.apk” file so first I ran the file command
Using file it is confirm that it is not a apk file so I use “cat” to print the output and I see a text with ==
so I rush to used base 64 but it was not base 64 so I google the cipher which gives the output with ‘=='
and I found blowfish cipher there so I googled the decoder of blowfish cipher and bingo I got the result that is:-
I picked up from ‘o+7...’ because there is a space between them and the site name was revealed.
I opened it
I found this page so first thing is that I use dirb on this page and I got the result as follows
URL /~adm
URL /~404
And there I found two file that is Encrypted_text of RSA and the Private_key of RSA so I just google the online RSA tool and I found this link
encrypted_text
ix5OWwAukz6eonuyF0kbanObZ43HfIbyD2VEH+5HbmnKaye6YJHTXrNphWqWbWq/55DtWLMS5v+57k22FdRsLKIXDwSaayXZi93QDG+girUuY52pUnQ9W78hFxzqYIvmLW/J6MDWcveW8iqs6D47KBtTwnH8jpxn/OoGdQqFpKg=
private_key
MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAKdMTnr+Lo4SYyhpJmGm99ZEdllHOPJfibOFjEO6BA9z+AaDWykzK/NaHJ9uS1/+T+pHQcX0sJM4QkT3E6V3xtZUaahRibxBk/uWyhcsjR8cd54lW9mS4K8DcYiQqLwQ5lEVi2OH9wT78uihPo9XFZcVpbellKZIXcT2BW1R9XQ9AgMBAAECgYEAitsHzIfKJjtWt8TGiYim7d23CRTXTDxFs44lxFTRZ+4OL4G5GTISyZHCbgWCZDNVKxNnoSEdqaOpRUp5sP4ANqw7eoCZDN07oBl7nhvc+63sJ81fIb9Vo497Xl/3XFnar6mx+DQhtz3S2imhpazxAv8jY2UraMx3me8tyhhpbsECQQDro+3pSh3jE9Ttefxl+QinUgbuLRs22y8kbL9yjlxpIM2GkPcxwED4bLAb56qT4ci42sc8uxyQogagQNYUcZ2xAkEAtcC7Ni4dGXYbLqJ9lR/DjmpzOBwsAntl29oHh/o/MeRtYDfO4b9EELrSxdOFJDvjG3GYu6YcuYi00eTB1NzmTQJAIIDsQFHI7Zm+tUMuXaKMXwghjJkMN/Tj+9JEVjjs5lNwBi/Y6TPrwli7sh2ymdN7LISBFw94UTsITvKilQ9XAQJBAKWNIzmLsWfSw5mr2nXt0+OyJLcUOiYcnkAujbOXBt78MYB19RR9cpNGiNw2+cxyXEBQLY2nFf0Nf568Hq40c/UCQQCXajO/Z7ETtF/DvaYnSqxqqw073lUQ3+/M4kunnkYObvKmMltLak15//2bAwzVtN76A1NTc8ZZfL9TZcySAJUw
https://www.devglan.com/online-tools/rsa-encryption-decryption
I just copied both encrypted message and private key in the field given in the link and decode it
So from here I got ~nobody is a directory so I moved to this location
So from here I landed here with 404 error I looked everywhere in source code in inspect element
but I didn’t found anything :( I spent almost 20-30 minutes with this page but I got nothing.
Then I looked back to my dirb result there I found there is a directory which is '404'.
So I moved to /404 directory
And here I found a hello.pcapng file so I went to Wireshark and opened this file and
after looking some of the packets from above I found a packetNo11 having a comment in it.
So now I moved to this /stayathome directory and I found 4 images there I
downloaded them all and I just ran strings command on all the files and in one of them I got another directory.
That is /FinalStage
I moved to that directory and again I found a file that is a Challenge.psd file
So it is a adobe photoshop file so I just open GIMP tool in kali which is just similar to the
adobe photoshop and the flag is covered with the layers which I can see clearly
Look at the middle right portion you can see the flag that is
PAC_Sec{Welcome_To_Hell}
Author: Shikhar Gupta
Author: Shikhar Gupta
