Start the machine, hack the system, and find the hidden flags to complete this challenge and earn points!
challenge.pdf
from the challenge page to your local machine.file challenge.pdf
to confirm it's a valid PDF file.pdfinfo challenge.pdf
to view basic metadata information. This will show you the document properties, creation date, and other standard metadata fields.strings challenge.pdf | grep -i flag
to search for any obvious references to flags in the file.pdf-parser.py
from the pdf-tools suite: python3 pdf-parser.py challenge.pdf
pdfid.py challenge.pdf
to get a quick overview of PDF elements and potential security issues.python3 pdf-parser.py -a challenge.pdf
to see all objects with their content.exiftool challenge.pdf
to examine all metadata fields, including custom ones that might contain the flag.exiftool -a -u challenge.pdf
to show all tags including unknown ones./CustomFlag
in the PDF metadata.pdf-parser.py
to search for custom fields: python3 pdf-parser.py challenge.pdf | grep -i custom
/CustomFlag (ca36830f\0555bc4\0554cdb\055a0ca\055fde5bb1132bd)
/CustomFlag
field, you'll see the value: ca36830f\0555bc4\0554cdb\055a0ca\055fde5bb1132bd
\055
sequences are escaped hyphens in the PDF format. Each \055
represents a hyphen character.\055
sequences with hyphens: ca36830f-5bc4-4cdb-a0ca-fde5bb1132bd
ca36830f-5bc4-4cdb-a0ca-fde5bb1132bd
echo "ca36830f\0555bc4\0554cdb\055a0ca\055fde5bb1132bd" | sed 's/\\055/-/g'
peepdf challenge.pdf
and use the interactive commands to explore the PDF structure and metadata.pdftk challenge.pdf dump_data
to see all document information including custom fields.qpdf --show-pages challenge.pdf
to see page information and objects.strings challenge.pdf | grep -i customflag
to find the custom field directly.Sign-in to your account to access your hacking courses and cyber security labs.
Access all hacking courses and cyber security labs.