Redacted Text in PDFs (PicoCTF 2022 #20 'redaction-gone-wrong')

Подписаться 1,8 млн

Просмотров 15 тыс.

50% 1

Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeac...
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
👨🏻‍💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humbleb...
🐶Snyk ➡ j-h.io/snyk
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsor...
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc

Опубликовано:

16 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 16

@superfish4603 2 года назад

The most impressive thing in this series is that John keeps powering through the challenges even though he is visibly pissed by how poorly some are designed. :D

@HPHRGaming-vx2gl 2 года назад

I love how you took a super easy “challenge” and still taught us about something (pdftotext). I’m still learning stuff as you go through these easy challenges. Sometimes it’s just another way of solving it. So keep it up John!

@GodBurstPk 2 года назад

A teacher did this at my university on an exam, i wonder why everyone got 10/10

@JayzyIsHere 2 года назад

I had this course on 3D printing last year. A part of it was recognizing the method used from looking at a picture. Could just open the images on a new tab and there it is in the file name. We should be teaching the teachers at this point...

@chrisbitus1328 2 года назад

Good one Hohn Jammond.

@micleh Год назад

I understand that just highlighting text to get the flag is lame, but what you make out of it, i.e. using a tool to convert a pdf to text and then applying the now ingrained method to grep the contents, is what made this video worthwhile, even though it seemed trite in the first place. A question that remains is how to properly redact confidential documents. I just remember a piece of advice from a German RU-vidr that tackles cryptology: If you want to be absolutely certain that no information can be retrieved, make an analog copy by placing strips on the pieces to be redacted and then scan that analog version. I'd be interesting to get your take on that advice.

@suruurism Год назад

Always inspiring and educating

@greyether777 2 года назад

You called it "lame-o" lol...thanks for your time John!!

@lordspacecake5565 2 года назад

Didn't expect that one lol.

@chrysoulaandreadou3398 2 года назад

First open the file with any program that can read a pdf (browser, acrobatreader, word, in windows, linux whatever) then Ctrl+A Ctrl+C then paste it to notepad Ctrl+V (or anywhere but as text only). If you check the pdf file structure it is evident why this works.

@s6_doctor890 Год назад

to be fair an actual classified government doc made that mistake and uploaded it to the internet I think is was some classified submarine doc, cant fully remember.