OWASP LPU CTF: Where is the Passkey

So basically we got a PDF which is protected with a password and also through description there is32 text Highlighted let's see whether its might use in future.

Here we got the PDF which is encrypted You can Crack the PDF by Generating HASH

You can Use the John the Riper to decrypt the PDF file

./pdf2john.pl path_to_file/important.pdf > hash.txt

john hash.txt

After this, it would search for the default list and decrypts using the ASCII encryption, But it is time taking……..

From the Hints, we got Elite Hacker List….. Lets search it in Google

This is from Seclists EliteHackerList using this and command / hash generated from the previous step we can get password

john — wordlist=elitehacker.txt hash.txt

Through this we got the Password 1izznit

• *Note: elitehackerlist is a list of files from Setlists you can get this lists from GitHub this can be used for fast solving this hint is provided in the challenge

After cracking the password you will get Text

1k 36 10 1l 1n 10 1k 1h 10 1l 1j 10 1l 1g 10 1k 33 10 1l 1g 10 1l 1l 10 1n 32 10 1j 1g 10 1m 1o 10 1l 36 10 1n 1p 10 1j 1g 10 1n 1l 10 1l 36 10 1m 1j 10 1n 1i 10 1j 1k 10 1m 1j 10 1m 32 10 1j 1j 10 1m 1k 10 1l 36 10 1m 1p 10 1n 1k 10 1n 34

You can see this is a Charcode. We need a base to decrypt which is 32 which we got from the Description

After that we got Hex Code and Decrypting That file gives us the Flag which is

OWASPLPU{0h_y0u_cr4ck3d_it}

Thanks For Reading,……..

Likhith Kanigolla

Security Researcher

#HappyHacking