# PLATFORM . THM# CTF NAME . Confidential# DESCRIPTION . We got our hands on a confidential case file from some self-declared "black hat hackers"... it looks like they have a secret invite code.# DIFFICULTY . Easy# CTF LINK . https://tryhackme.com/room/confidential-
The PDF contains a QR code that is overlapped by another image, so we can’t scan it.
-
The CTF is booting on THM’s attack box and I don’t like working there ; plus, I don’t have the tools required installed.
-
I’ve transfered the file to my host using netcat
# my hostnc -l -p 3131 > pdf.pdf
# attackboxnc -N my_IP 3131 < pdfname.pdf-
I treid using the common tools like
exiftool,binwalk,strings,pdfinfobut with no luck. -
I came across
pdfimageswhile googling for tools that might help and the syntax is as follows
pdfimages -all pdf.pdf extractedlsextracted-000.png extracted-001.png extracted-002.pngextracted-000.pngcontains the QR code and can be scanned to get the value.