Windows priv esc Credential Hunting

I’m stuck on the question “Search the file system for a file containing a password. Submit the password as your answer.”
I found a file called stuff.txt in the documents folder with a password, but that’s not correct when I submit it.
Can someone point me in the right direction?

Try to find another document; there is a username and password in it.

Once you find the file, you can cat it and then pipe to Select-String to easily locate it:

cat C:\Users\file\path | Select-String password

How did you solve this, actually? This section is so stupid.

I found it in an XML file.

2 Likes

For anyone stuck on the first question:

  1. Make sure to read the hint and start searching from within the c:\users directory.
  2. Something that confused me a lot and maybe is good to clarify for others:

The /C option is not related to defining where the search starts from; instead, it’s used to specify the search string itself. The search starts from the beginning of each file specified in the command.

I initially thought that the /C:"password" part of the command defines where the search is starting from (similar to find / in Unix-based systems), thus, I spent a lot of time just searching files from another directory than c:\users because I thought it did not matter.

2 Likes
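
The point made in the post above, that /C: carries the search string while the starting directory decides which files get searched, shown as an added example that is not part of the thread. The directory tree and file contents are constructed for the demo; /S, /I and /M are standard findstr switches that are not quoted on this page.

```powershell
# Added example: builds a throwaway tree under %TEMP% (constructed data, not the lab's files).
$root    = Join-Path $env:TEMP ("findstr-demo-" + [guid]::NewGuid())
$inside  = New-Item -ItemType Directory -Force -Path (Join-Path $root 'users\alice\docs')
$outside = New-Item -ItemType Directory -Force -Path (Join-Path $root 'other')
Set-Content -Path (Join-Path $inside.FullName  'notes.txt')  -Value 'server password: Example-Not-Real'
Set-Content -Path (Join-Path $outside.FullName 'readme.txt') -Value 'nothing of interest here'

function Search-From {
    param(
        [string]$StartDir,   # where the search begins (this is what findstr /S recurses from)
        [string]$Literal     # what to look for (this is all that /C: controls); single word here
    )
    Push-Location $StartDir
    try {
        # /S  recurse through the current directory and its subdirectories
        # /I  case-insensitive match
        # /M  print only the names of files that contain a match
        # /C: the literal string to search for
        $hits = findstr /S /I /M /C:"$Literal" *.txt *.xml 2>$null
        return @($hits)
    } finally {
        Pop-Location
    }
}

# Same /C: string both times; only the starting directory changes.
Write-Output "Started in users\:"
Search-From -StartDir (Join-Path $root 'users') -Literal 'password'

Write-Output "Started in other\:"
Search-From -StartDir (Join-Path $root 'other') -Literal 'password'

# Clean up the constructed tree.
Remove-Item -Recurse -Force $root
```
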

Can anyone help with “Connect as the bob user and practice decrypting the credentials in the pass.xml file. Submit the contents of the flag.txt on the desktop once you are done.”?

Run this .ps1 script. Don’t forget to Set-ExecutionPolicy first.

Clear-Host
Set-Location C:\

# Find the first pass.xml anywhere under C:\ (access-denied errors are suppressed)
$filepath = Get-ChildItem -Recurse -Filter pass.xml -ErrorAction SilentlyContinue | Select-Object -ExpandProperty FullName -First 1

if ($filepath) {
    # Import-Clixml rebuilds the credential object stored in the file
    $credential = Import-Clixml -Path $filepath
    $credential.GetNetworkCredential().username
    $credential.GetNetworkCredential().password
} else {
    Write-Output "No pass.xml file found."
}