recon_10 (visual recon)
View the exercise here: PentesterLab: Recon 10
OBJECTIVE
For this challenge, your goal is to use visual reconnaissance. You will need to find the website with the key in red.
VISUAL RECONNAISSANCE
For this challenge, the web applications are hosted under: 0x["%02x"].a.hackycorp.com
as in:
0x00.a.hackycorp.com
0x01.a.hackycorp.com
...
0x0a.a.hackycorp.com
0x0b.a.hackycorp.com
...
If you haven't done visual reconnaissance before, you can try to use the tool Aquatone to get images that you can browse easily to find the right key (in red).
SOLUTION
Let's first manually check the first 4 links of the sequence.
We notice that the keys are displayed in blue and black.
The keys on the websites are images, so we can solve this challenge by saving the output image of each site and then, after visiting all sites, checking the saved images visually to find the text in red.
It would be very tedious to do this manually, so we'll use a script to automate saving the output.
For each line, the script uses curl to download a file named logo.png from the specified URL and saves it with the filename <line>.png. This script helps automate the process of downloading and saving files from multiple URLs listed in a text file.
Wait until all is done.
Once everything is saved, open all photos at once.
Visually scan the photos to check for the key in red text.
Because each image is saved under the name of its source line, you can also open that name back in the browser to view the key.
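The steps above as one script. This is an added example, not the original author's code: it generates the host list, saves each logo.png as <line>.png, and goes one step further by writing an index.html gallery so every image can be scanned on a single page. Assumptions: the sequence runs from 0x00 to 0xff, the sites answer over http, and the names recon.sh, hosts.txt, logos and index.html are hypothetical.

```shell
#!/bin/sh
# Added example (not the original author's script). Assumptions are marked.

# Print hostnames 0x00..0x<max> in the 0x["%02x"].a.hackycorp.com pattern.
# Assumption: the sequence covers 0x00-0xff (default max=255).
gen_hosts() (
  i=0
  while [ "$i" -le "${1:-255}" ]; do
    printf '0x%02x.a.hackycorp.com\n' "$i"
    i=$((i + 1))
  done
)

# For each line in the hosts file, fetch logo.png and save it as <line>.png.
# Assumption: http:// scheme; override with SCHEME=https if needed.
fetch_logos() (
  mkdir -p "$2"
  while IFS= read -r host; do
    [ -n "$host" ] || continue
    curl -fsS --max-time 10 -o "$2/$host.png" \
      "${SCHEME:-http}://$host/logo.png" ||
      { rm -f "$2/$host.png"; echo "skipped $host" >&2; }
  done < "$1"
)

# Write index.html showing every saved image with its hostname, so the whole
# set can be scanned on one page instead of opening files one by one.
make_gallery() (
  cd "$1" || exit 1
  {
    echo '<!doctype html><title>logos</title>'
    for f in *.png; do
      [ -f "$f" ] || continue
      printf '<figure><img src="%s"><figcaption>%s</figcaption></figure>\n' \
        "$f" "${f%.png}"
    done
  } > index.html
)

# Run only when asked: sh recon.sh run [out_dir]
if [ "${1:-}" = "run" ]; then
  out="${2:-logos}"
  mkdir -p "$out"
  gen_hosts > "$out/hosts.txt"
  fetch_logos "$out/hosts.txt" "$out"
  make_gallery "$out"
  echo "open $out/index.html"
fi
```

Hosts that fail or time out are reported on stderr and leave no file behind, so every image in the gallery corresponds to a site that actually responded.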