██████▓██ ██▓ ███▄ ▄███▓ ██▓ ██▓ ███▄ █ ██ ▄█▀
▒██ ▒ ▒██ ██▒▓██▒▀█▀ ██▒ ▓██▒ ▓██▒ ██ ▀█ █ ██▄█▒
░ ▓██▄ ▒██ ██░▓██ ▓██░ ▒██░ ▒██▒▓██ ▀█ ██▒▓███▄░
▒ ██▒ ░ ▐██▓░▒██ ▒██ ▒██░ ░██░▓██▒ ▐▌██▒▓██ █▄
▒██████▒▒ ░ ██▒▓░▒██▒ ░██▒ ░██████▒░██░▒██░ ▓██░▒██▒ █▄
▒ ▒▓▒ ▒ ░ ██▒▒▒ ░ ▒░ ░ ░ ░ ▒░▓ ░░▓ ░ ▒░ ▒ ▒ ▒ ▒▒ ▓▒
░ ░▒ ░ ░▓██ ░▒░ ░ ░ ░ ░ ░ ▒ ░ ▒ ░░ ░░ ░ ▒░░ ░▒ ▒░
░ ░ ░ ▒ ▒ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░project-directory/
├── generate_flag.py
├── image.py
├── fetch_flag.py
├── flag.txt
├── images/
├── temp_images/1. Create Required Files and Directories
Run the following commands to set up the structure:
mkdir temp_images
touch flag.txt2. Restrict Permissions
Ensure that flag.txt and the folders images/ and temp_images/ can only be accessed with sudo privileges:
sudo chown root:root flag.txt
sudo chmod 600 flag.txt
sudo chmod 700 images
sudo chmod 700 temp_images
sudo chown root:root images
sudo chown root:root temp_imagesFor Symbolic Link
ln -s [target_file] [link_name]If you open file/folder direct without sudo access then:
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ cat flag.txt
cat: flag.txt: Permission denied
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ cd temp-images
cd: permission denied: temp-images
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ cd images
cd: permission denied: images1. generate_flag.py
This script generates a flag, writes it to flag.txt, and removes the flag after sending it.
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ python3 generate_flag.py
Done.
Done.flag.txt file:
┌──(root㉿kali)-[/home/V3c70r/Desktop]
└─# cat flag.txt
flag{6107274195} Symbolic link file also save the same flag that store in flag.txt
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ sudo cat symbolic_flag.txt
flag{6107274195} 2. Image.py
This script handles moving an image from the images folder to the temp_images folder and deletes it after processing.
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ python3 image.py
Image added
Image added
Image addedtemp-images folder:
┌──(root㉿kali)-[/home/naahl/Desktop/temp-images]
└─# ls
3.png3. fetch_flag.py
Option 1
┌──(V3c70r㉿kali)-[~/Desktop]
└─$ sudo python3 fetch_flag.py
██████▓██ ██▓ ███▄ ▄███▓ ██▓ ██▓ ███▄ █ ██ ▄█▀
▒██ ▒ ▒██ ██▒▓██▒▀█▀ ██▒ ▓██▒ ▓██▒ ██ ▀█ █ ██▄█▒
░ ▓██▄ ▒██ ██░▓██ ▓██░ ▒██░ ▒██▒▓██ ▀█ ██▒▓███▄░
▒ ██▒ ░ ▐██▓░▒██ ▒██ ▒██░ ░██░▓██▒ ▐▌██▒▓██ █▄
▒██████▒▒ ░ ██▒▓░▒██▒ ░██▒ ░██████▒░██░▒██░ ▓██░▒██▒ █▄
▒ ▒▓▒ ▒ ░ ██▒▒▒ ░ ▒░ ░ ░ ░ ▒░▓ ░░▓ ░ ▒░ ▒ ▒ ▒ ▒▒ ▓▒
░ ░▒ ░ ░▓██ ░▒░ ░ ░ ░ ░ ░ ▒ ░ ▒ ░░ ░░ ░ ▒░░ ░▒ ▒░
░ ░ ░ ▒ ▒ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░
Select an option:
1 - Kill the generate_flag.py process and fetch the flag
2 - Fetch the flag without killing the process
3 - Fetch Image from temp-images folder
4 - Exit
Enter your choice (1, 2, 3, or 4): 1
[+] Option 1 Selected: Killing the process...
[+] Searching for generate_flag.py process...
[+] Killing process with PID: 6453
[+] generate_flag.py process terminated successfully.
[+] Reading flag from flag.txt...
[+] Flag: flag{6107274195}Option 2
██████▓██ ██▓ ███▄ ▄███▓ ██▓ ██▓ ███▄ █ ██ ▄█▀
▒██ ▒ ▒██ ██▒▓██▒▀█▀ ██▒ ▓██▒ ▓██▒ ██ ▀█ █ ██▄█▒
░ ▓██▄ ▒██ ██░▓██ ▓██░ ▒██░ ▒██▒▓██ ▀█ ██▒▓███▄░
▒ ██▒ ░ ▐██▓░▒██ ▒██ ▒██░ ░██░▓██▒ ▐▌██▒▓██ █▄
▒██████▒▒ ░ ██▒▓░▒██▒ ░██▒ ░██████▒░██░▒██░ ▓██░▒██▒ █▄
▒ ▒▓▒ ▒ ░ ██▒▒▒ ░ ▒░ ░ ░ ░ ▒░▓ ░░▓ ░ ▒░ ▒ ▒ ▒ ▒▒ ▓▒
░ ░▒ ░ ░▓██ ░▒░ ░ ░ ░ ░ ░ ▒ ░ ▒ ░░ ░░ ░ ▒░░ ░▒ ▒░
░ ░ ░ ▒ ▒ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░
Select an option:
1 - Kill the generate_flag.py process and fetch the flag
2 - Fetch the flag without killing the process
3 - Fetch Image from temp-images folder
4 - Exit
Enter your choice (1, 2, 3, or 4): 2
[+] Option 2 Selected: Fetching the flag without killing the process...
[+] Reading flag from flag.txt...
[+] Flag: flag{6107274195}Option 3
██████▓██ ██▓ ███▄ ▄███▓ ██▓ ██▓ ███▄ █ ██ ▄█▀
▒██ ▒ ▒██ ██▒▓██▒▀█▀ ██▒ ▓██▒ ▓██▒ ██ ▀█ █ ██▄█▒
░ ▓██▄ ▒██ ██░▓██ ▓██░ ▒██░ ▒██▒▓██ ▀█ ██▒▓███▄░
▒ ██▒ ░ ▐██▓░▒██ ▒██ ▒██░ ░██░▓██▒ ▐▌██▒▓██ █▄
▒██████▒▒ ░ ██▒▓░▒██▒ ░██▒ ░██████▒░██░▒██░ ▓██░▒██▒ █▄
▒ ▒▓▒ ▒ ░ ██▒▒▒ ░ ▒░ ░ ░ ░ ▒░▓ ░░▓ ░ ▒░ ▒ ▒ ▒ ▒▒ ▓▒
░ ░▒ ░ ░▓██ ░▒░ ░ ░ ░ ░ ░ ▒ ░ ▒ ░░ ░░ ░ ▒░░ ░▒ ▒░
░ ░ ░ ▒ ▒ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░
Select an option:
1 - Kill the generate_flag.py process and fetch the flag
2 - Fetch the flag without killing the process
3 - Fetch Image from temp-images folder
4 - Exit
Enter your choice (1, 2, 3, or 4): 3
[+] Option 3 Selected: Fetching Image from temp-images...
[+] Checking temp-images folder for images...
[+] Image fetched: /home/naahl/Desktop/temp-images/3.png
[+] Image size: 6939636 bytes
[+] Image permissions: 744
[+] Image opened successfully.The image saved in temp-image pops up on your screen like this:
Option 4
██████▓██ ██▓ ███▄ ▄███▓ ██▓ ██▓ ███▄ █ ██ ▄█▀
▒██ ▒ ▒██ ██▒▓██▒▀█▀ ██▒ ▓██▒ ▓██▒ ██ ▀█ █ ██▄█▒
░ ▓██▄ ▒██ ██░▓██ ▓██░ ▒██░ ▒██▒▓██ ▀█ ██▒▓███▄░
▒ ██▒ ░ ▐██▓░▒██ ▒██ ▒██░ ░██░▓██▒ ▐▌██▒▓██ █▄
▒██████▒▒ ░ ██▒▓░▒██▒ ░██▒ ░██████▒░██░▒██░ ▓██░▒██▒ █▄
▒ ▒▓▒ ▒ ░ ██▒▒▒ ░ ▒░ ░ ░ ░ ▒░▓ ░░▓ ░ ▒░ ▒ ▒ ▒ ▒▒ ▓▒
░ ░▒ ░ ░▓██ ░▒░ ░ ░ ░ ░ ░ ▒ ░ ▒ ░░ ░░ ░ ▒░░ ░▒ ▒░
░ ░ ░ ▒ ▒ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░
Select an option:
1 - Kill the generate_flag.py process and fetch the flag
2 - Fetch the flag without killing the process
3 - Fetch Image from temp-images folder
4 - Exit
Enter your choice (1, 2, 3, or 4): 4
[+] Exiting. Goodbye!- Run the scripts with to ensure proper access to restricted files and folders.
- Start the fetch_flag.py script to interact with the system.
python3 fetch_flag.py- Follow the menu to fetch flags or images.
- Ensure you have the necessary permissions to run these scripts.
- Use this system responsibly and in compliance with your organization's security policies.