Objective 2: Investigate S3 Bucket

Pasted image 20220904214749

Launching the objective presents another interactive terminal. Pasted image 20220904214758

Exploring home dir. Pasted image 20220904214806

Alright, so whats in bucket_finder/? Pasted image 20220904214817

Whats in the wordlist? Pasted image 20220904214828

Ok, the tool just brute forces for amazon buckets. I'll add some more names to the wordlist. I added the names I found in the directory and the three turtle dove's names. Pasted image 20220904214859

Added last names to wordlist. Still no. Pasted image 20220904214908

Ok, on login there was reference to wrapper3000. Is that anywhere on the local filesystem? No.

Shit, ok, wait. What if I run that into bucket_finder? obective-2-1

Alright, time to download the file. obective-2-2

What’s in the folder? obective-2-3

Whats this package? Pasted image 20220904215051

Can I base64 decode it? Yeah, looks like it has the PK magic header, and the string package.txt.Z.xz.xxd.tar.bz. obective-2-4

I redirected the output to package.b64d. obective-2-5

Extracting the archive with tar failed.

Can I unzip it? That's the PK header for real right? Yeah, and now I have a tar.bz2 objective-2-6

Now can I extrat the tarball? No? Pasted image 20220904215221

I don't know, I was adding a bad flag, and forgot to use the tac. Using -xvf worked fine. Pasted image 20220904215233

Now the extracted file is an xxd hex dump of a 7z archive. I can reverse the hexdump with xxd -r. objective-2-7

Tried uncompressing with 7z, not installed. Tried with tar, didn’t work. Found out about the xz tool. I looked at the help for syntax. Pasted image 20220904215304

Then decompressed the file. Pasted image 20220904215313

What the fuck is a .Z file? Oh, just another compresion tool… Pasted image 20220904215321

Can I uncompress? Yup. Pasted image 20220904215329

What's the txt file contents? Pasted image 20220904215336

North Pole: The Frostiest Place on Earth

Next: 1F: Entry