Knock Knock - Sherlock

I’ve been stuck for hours on two Sherlock Knock Knock questions, if anyone can give me a tip or direction.

1.Whats the deadline for hiring foreign developers? - I found a file in the tcp data stream where the user extracts the file with the command “MDTM Tasks to get Done.docx” I tried everything possible to save and open the file but was unsuccessful, it has a file signature “PK” but no format worked for me. My intuition says that this file may have the answer to the question, but I’m not sure.

2.Whats the SSH password which attacker used to access the server and get full access? - After finding the file that gives a hint as to where the password is, I can’t find where he could have extracted this information. I followed the entire network flow from the moment I read the tip until the ssh connection but I didn’t find the blessed password.

Thanks in advance.

I did a solution video for fun on Youtube if anyone wants. Can find it on the CuriouSecurity channel :slight_smile:

1 Like

Nice walkthrough bro, thanks to shared.

1 Like