Blood Bash 4


A sensitive file from De Monne was exfiltrated by mort1cia. It contains data relating to a new web portal they're creating for their consumers. Read the contents of the file and return the flag as flag{flag_goes_here}.

Username: bl0ody_mary
Password: d34df4c3


There is a PDF file in the home directory with a name that appears to be related to the portal mentioned in the challenge:

$ ls -l

-rw-r--r-- 1 bl0ody_mary bl0ody_mary 12444 Sep 14 20:20 'De Monne Customer Portal.pdf'

The simplest way to get a local copy of the PDF is to Base64 encode it, copy the encoded payload to the terminal clipboard and finally paste and decode it locally:

$ base64 De\ Monne\ Customer\ Portal.pdf


Highlight the entire output, copy it to the clipboard and paste it into a new local file. Finally, decode the payload and open the PDF.

$ base64 -D temp.bin > file.pdf

Opening the PDF reveals the flag:



Leave a comment