はじめに
HTB Business CTF 2024にTeam NEC Corporationとして参加してました。順位は70位、私はCloudのScurried, Protrude, MetaRootedとForensicのCaving、CryptoのeXciting Outpost Recon、RevのFlagCasinoを解きました。ほぼVeryeasy....
Writeupは公式のGithubがありますが、私の記憶が間違いでなければCloud Protrudeの問題のFlagが違うのではと思ったので記録として残しておこうと思います。
GitHub - hackthebox/business-ctf-2024: Official writeups for Business CTF 2024: The Vault Of Hope
Cloud Protrude
問題としてはAWSのアクセスキーが与えられるのでそれをもとにflagを見つけます。
Access key ID,Secret access key, region name AKIAXYAFLIG2JE6MC2SY,teWVv0GzIBKS23uozxUGmUH+muE5XB86fnZmRZXu, us-east-1
まずはaws configureコマンドでアクセスキーを設定します。そのあとHacktricksの内容を見つつEnumerationするとaws ds describe-directoriesコマンドで情報が入手できます。
└─$ aws ds describe-directories
{
"DirectoryDescriptions": [
{
"DirectoryId": "d-9067e0513b",
"Name": "vault101.wasteland.local",
"ShortName": "VAULT101",
"Size": "Small",
"Alias": "vault101",
"AccessUrl": "vault101.awsapps.com",
"DnsIpAddrs": [
"172.31.87.164",
"172.31.31.15"
],
"Stage": "Active",
"LaunchTime": "2024-04-28T17:47:14.630000-04:00",
"StageLastUpdatedDateTime": "2024-04-28T17:54:13.623000-04:00",
"Type": "SimpleAD",
"VpcSettings": {
"VpcId": "vpc-0d7b2c5c8509574bd",
"SubnetIds": [
"subnet-0a5022ff1dfdf5518",
"subnet-0574f58cd2d4f85ca"
],
"SecurityGroupId": "sg-0bee7f241cef79345",
"AvailabilityZones": [
"us-east-1a",
"us-east-1d"
]
},
"SsoEnabled": true,
"DesiredNumberOfDomainControllers": 0
}
]
}
AWS - Directory Services / WorkDocs Enum | HackTricks Cloud | HackTricks Cloud
WorkdocsのURLがvault101.awsapps.comであることがわかります。そのままHackTricksに書いてあるようにdescribe-activitiesで内容を確認していきます。
$ aws workdocs describe-activities --organization-id d-9067e0513b
{
"UserActivities": [
{
"Type": "DOCUMENT_VERSION_VIEWED",
"TimeStamp": "2024-05-18T12:36:36.297000-04:00",
"IsIndirectActivity": false,
"Initiator": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
},
"ResourceMetadata": {
"Type": "document",
"Name": "flag.txt",
"Id": "5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303",
"Owner": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
}
}
},
{
"Type": "DOCUMENT_VERSION_UPLOADED",
"TimeStamp": "2024-05-18T12:15:38.010000-04:00",
"IsIndirectActivity": false,
"Initiator": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
},
"ResourceMetadata": {
"Type": "document",
"Name": "flag.txt",
"Id": "5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303",
"Owner": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
}
}
},
{
"Type": "DOCUMENT_RECYCLED",
"TimeStamp": "2024-05-18T12:15:25.001000-04:00",
"IsIndirectActivity": false,
"Initiator": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
},
"ResourceMetadata": {
"Type": "document",
"Name": "flag.txt",
"OriginalName": "flag.txt",
"Id": "77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3",
"Owner": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
}
}
},
{
"Type": "DOCUMENT_VERSION_VIEWED",
"TimeStamp": "2024-05-02T15:19:09.840000-04:00",
"IsIndirectActivity": false,
"Initiator": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
},
"ResourceMetadata": {
"Type": "document",
"Name": "flag.txt",
"Id": "77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3",
"Owner": {
"Id": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b"
}
}
}
(snip)
flag.txtが存在しており、この問題のflagっぽいことがわかります。
aws workdocs get-document --document-id <doc-id>でファイルを入手できます。
$ aws workdocs get-document --document-id 77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3
{
{
"Metadata": {
"Id": "77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3",
"CreatorId": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b",
"ParentFolderId": "94e9703302611d8aa338d1c30999705e8049ee1582a1c5786b0a7eda3c16ea3c",
"CreatedTimestamp": "2024-04-28T18:24:09.164000-04:00",
"ModifiedTimestamp": "2024-05-18T12:15:25.001000-04:00",
"LatestVersionMetadata": {
"Id": "1714343049164-81272441b82c9b001b5dc02d4cc08291587c9fc374f03ac27a71773271311aea",
"Name": "flag.txt",
"ContentType": "text/plain",
"Size": 34,
"Signature": "d2e51309fefb4b367def2c26cb725048",
"Status": "ACTIVE",
"CreatedTimestamp": "2024-04-28T18:24:09.164000-04:00",
"ModifiedTimestamp": "2024-04-28T18:24:09.164000-04:00",
"CreatorId": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b",
"Thumbnail": {
"LARGE": "https://gb-prod-doc-source.s3.amazonaws.com/77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3/1714343049164-81272441b82c9b001b5dc02d4cc08291587c9fc374f03ac27a71773271311aea/PDF_LARGE?response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27LARGE&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJn%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJIMEYCIQCUMeJacU%2FMa3ONPQr5cGHSxYgfisdbTCfvqdCSFIQTjQIhAMDGtj2wNRhSKF2bynLMO8r5qEd0CtRMYePa42r0GGw1KtUDCBIQABoMOTczMTg3NTUzMDI3Igx%2BNLBqvBicttm1%2F%2BIqsgPRPBl8WHj07L8cwomPgFSvwKvkMKkkGRoEvDLEf%2FOCYfVOAehgUUZXXq%2BgXeOrGS%2F%2Fi64iErJ5eyovacvq%2B%2B7xEef6%2FixOcXfhQGmCt1GnjuhKJPCKmKFu5JVias6RSgMO2ANUh08IQS9J67aZT0BcOID5wDy%2B9i09TQBVleRxvKZ%2BZ4ihsNIgGvvhBA33RsJfBlj5Ary3SuE%2Fhf2k8YzZuRcW9qVg27yrUCcWoKCJGFpU5oOqH0rzFYiqBfXPZwla3ZIL4Fi%2BVNn62uUGxRkDMZPkpx%2BRN14Rpdv8i2ttnIgZSEMDnOTYtl5sgRR8r7eViHVdzoTXoyccZxsnzrKC%2FFQRNQwvFwwHqOShTk8EZlMh1HOw7LHXz0Opua4kCaEZBAeICDDE1YzOApR2UWFbLJ6JtMPdWoFSo8oh4khOe4BqdMpq87%2FvSsGpxaefo%2BDcXi190bMnDx%2FvZo5hfuCxw%2B356PWCY16rd6tlAzKmAayTIXTPMT9GCkQtqM49SzBmj2aZcx6rn4T%2FHhu9BxUv%2BjMJWScRo4UstxbKslrSaT%2FUhIv899BnT486eRAi6uMgZzDz86ayBjqgAaSVq821v2pVjoIIWxyNJWlSl8odH1y8z9si0OvYdPi1c5Q6nexvFwiYFb13t23virhMO7tHdsNjzE2cxnQOj8Kf3f91q2l8a6Ijb%2Bj0hDspn8kSf3Q%2FdPsAyC9rn%2B7MVgKPfWntfjkvBNzN5O0vCf%2FYZsh53%2BM6sXXoeGbKxTCjozrEXmLmjbPQ75KJ1EHQ7Z9FHjCPD0BMXaqaLa3D%2Ftw%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240519T085302Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA6FFT7S4B5POFWAUR%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d92447283e3aee5c8369f8f4929b19385866dc85fce465b61903a876c5dc4ab1",
"SMALL": "https://gb-prod-doc-source.s3.amazonaws.com/77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3/1714343049164-81272441b82c9b001b5dc02d4cc08291587c9fc374f03ac27a71773271311aea/PDF_SMALL?response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27SMALL&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJn%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJIMEYCIQCUMeJacU%2FMa3ONPQr5cGHSxYgfisdbTCfvqdCSFIQTjQIhAMDGtj2wNRhSKF2bynLMO8r5qEd0CtRMYePa42r0GGw1KtUDCBIQABoMOTczMTg3NTUzMDI3Igx%2BNLBqvBicttm1%2F%2BIqsgPRPBl8WHj07L8cwomPgFSvwKvkMKkkGRoEvDLEf%2FOCYfVOAehgUUZXXq%2BgXeOrGS%2F%2Fi64iErJ5eyovacvq%2B%2B7xEef6%2FixOcXfhQGmCt1GnjuhKJPCKmKFu5JVias6RSgMO2ANUh08IQS9J67aZT0BcOID5wDy%2B9i09TQBVleRxvKZ%2BZ4ihsNIgGvvhBA33RsJfBlj5Ary3SuE%2Fhf2k8YzZuRcW9qVg27yrUCcWoKCJGFpU5oOqH0rzFYiqBfXPZwla3ZIL4Fi%2BVNn62uUGxRkDMZPkpx%2BRN14Rpdv8i2ttnIgZSEMDnOTYtl5sgRR8r7eViHVdzoTXoyccZxsnzrKC%2FFQRNQwvFwwHqOShTk8EZlMh1HOw7LHXz0Opua4kCaEZBAeICDDE1YzOApR2UWFbLJ6JtMPdWoFSo8oh4khOe4BqdMpq87%2FvSsGpxaefo%2BDcXi190bMnDx%2FvZo5hfuCxw%2B356PWCY16rd6tlAzKmAayTIXTPMT9GCkQtqM49SzBmj2aZcx6rn4T%2FHhu9BxUv%2BjMJWScRo4UstxbKslrSaT%2FUhIv899BnT486eRAi6uMgZzDz86ayBjqgAaSVq821v2pVjoIIWxyNJWlSl8odH1y8z9si0OvYdPi1c5Q6nexvFwiYFb13t23virhMO7tHdsNjzE2cxnQOj8Kf3f91q2l8a6Ijb%2Bj0hDspn8kSf3Q%2FdPsAyC9rn%2B7MVgKPfWntfjkvBNzN5O0vCf%2FYZsh53%2BM6sXXoeGbKxTCjozrEXmLmjbPQ75KJ1EHQ7Z9FHjCPD0BMXaqaLa3D%2Ftw%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240519T085302Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA6FFT7S4B5POFWAUR%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=b3f7ebd3d65ad8fe74eec494bf5220e57715ba25aa27142d3e93f2d2ac255c79",
"SMALL_HQ": "https://gb-prod-doc-source.s3.amazonaws.com/77c4bd695e891b73b67f8c6c11df9baa76b47a2f0fe837ef201f34f5de0fb3e3/1714343049164-81272441b82c9b001b5dc02d4cc08291587c9fc374f03ac27a71773271311aea/PDF_SMALL_HQ?response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27SMALL_HQ&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJn%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJIMEYCIQCUMeJacU%2FMa3ONPQr5cGHSxYgfisdbTCfvqdCSFIQTjQIhAMDGtj2wNRhSKF2bynLMO8r5qEd0CtRMYePa42r0GGw1KtUDCBIQABoMOTczMTg3NTUzMDI3Igx%2BNLBqvBicttm1%2F%2BIqsgPRPBl8WHj07L8cwomPgFSvwKvkMKkkGRoEvDLEf%2FOCYfVOAehgUUZXXq%2BgXeOrGS%2F%2Fi64iErJ5eyovacvq%2B%2B7xEef6%2FixOcXfhQGmCt1GnjuhKJPCKmKFu5JVias6RSgMO2ANUh08IQS9J67aZT0BcOID5wDy%2B9i09TQBVleRxvKZ%2BZ4ihsNIgGvvhBA33RsJfBlj5Ary3SuE%2Fhf2k8YzZuRcW9qVg27yrUCcWoKCJGFpU5oOqH0rzFYiqBfXPZwla3ZIL4Fi%2BVNn62uUGxRkDMZPkpx%2BRN14Rpdv8i2ttnIgZSEMDnOTYtl5sgRR8r7eViHVdzoTXoyccZxsnzrKC%2FFQRNQwvFwwHqOShTk8EZlMh1HOw7LHXz0Opua4kCaEZBAeICDDE1YzOApR2UWFbLJ6JtMPdWoFSo8oh4khOe4BqdMpq87%2FvSsGpxaefo%2BDcXi190bMnDx%2FvZo5hfuCxw%2B356PWCY16rd6tlAzKmAayTIXTPMT9GCkQtqM49SzBmj2aZcx6rn4T%2FHhu9BxUv%2BjMJWScRo4UstxbKslrSaT%2FUhIv899BnT486eRAi6uMgZzDz86ayBjqgAaSVq821v2pVjoIIWxyNJWlSl8odH1y8z9si0OvYdPi1c5Q6nexvFwiYFb13t23virhMO7tHdsNjzE2cxnQOj8Kf3f91q2l8a6Ijb%2Bj0hDspn8kSf3Q%2FdPsAyC9rn%2B7MVgKPfWntfjkvBNzN5O0vCf%2FYZsh53%2BM6sXXoeGbKxTCjozrEXmLmjbPQ75KJ1EHQ7Z9FHjCPD0BMXaqaLa3D%2Ftw%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240519T085302Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA6FFT7S4B5POFWAUR%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=548fc0d1b43fd5137a5c59e28b91fe81edd0c04f410e3063d1be0011c2514923"
}
},
"ResourceState": "RECYCLED"
}
}
URLが入手できるので、wgetしてファイルを開いてみると次の画像が入手できました。
LEETっぽいのでlかIかわからないなと思いつつ、入力しましたが正解になりませんでした。
HTB{v4Ul7l0i_i5_L0vely_l5n'7_l7?}
HTB{v4UI7l0i_i5_L0vely_I5n'7_I7?}
HTB{v4Ul7I0i_i5_L0vely_I5n'7_I7?}
HTB{v4Ul7I0i_i5_L0vely_I5n'7_I7?} ★これが公式のWriteupでも正解となってたもの
改めてdescribe-activitiesの結果を眺めていると、flag.txtではあるもののdoc-idが異なるものがあることに気づきました。
$ aws workdocs get-document --document-id 5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303
{
"Metadata": {
"Id": "5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303",
"CreatorId": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b",
"ParentFolderId": "a640c404de3b5999c1d06cdf4eb6b7a29de60b26d1611cc8bc3757447dc49555",
"CreatedTimestamp": "2024-05-18T12:15:36.962000-04:00",
"ModifiedTimestamp": "2024-05-18T12:15:44.393000-04:00",
"LatestVersionMetadata": {
"Id": "1716048936962-62cd64e3c78ceac9b28d07615056620eb3c41ba49156b8f5979eac81eaa1f720",
"Name": "flag.txt",
"ContentType": "text/plain",
"Size": 40,
"Signature": "3a1339875f0d0486886f1f4da81171a0",
"Status": "ACTIVE",
"CreatedTimestamp": "2024-05-18T12:15:36.962000-04:00",
"ModifiedTimestamp": "2024-05-18T12:15:36.962000-04:00",
"CreatorId": "S-1-5-21-1692074632-1250882497-497425265-500&d-9067e0513b",
"Thumbnail": {
"LARGE": "https://gb-prod-doc-source.s3.amazonaws.com/5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303/1716048936962-62cd64e3c78ceac9b28d07615056620eb3c41ba49156b8f5979eac81eaa1f720/PDF_LARGE?response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27LARGE&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJn%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJIMEYCIQCderu0vseAlQ%2Bxbx8iWzr3ebx7kfpN6u8VUg12OYs4kQIhANjExFWpPdLhbp%2FXQOMRLrG5VdLrAfcNSIFOAYLeCHpNKtMDCBIQABoMOTczMTg3NTUzMDI3Igz%2BK62jK8e7gkr047oqsANlL%2FKP0W4fLKRZadh9CK5u0BYJWVQwarmD2xj6ypqfsHTVuquxN8hog3nwt4pWvts3sxfG2n3rcYdye2vkNrPws4DGDTkt%2FDYAacilQL0rWROqw5pDSF3pTzCFHf06IcPz%2BTSAGc94zwlmJA0dtR%2Bbqz4bOwYKnaXfv4jBwe3KKShgmAT0IeBICKmAKkLZ0B%2FjRtQvcf7ee6jYqa%2Ff4zrqB9PxzJGXqMbnmoGmZ7ROHSE2dcexnOtw7%2F68rf34v1tc7I1UwuWMrYHHfTuEJAMszRDi73OixDyYP4tA9B%2B0Qpi0%2BKN4QdzgpzsS5nxDOXkwZ2YC%2BaDSmmmsgMI8AwBf9OaBDzpkbMQ7dbO5IP79%2FHKOl0KCy3nrHkfLY%2FCWxTmUiyrA5qmQkSc0ytOty0rdku5RCyEubXyUcSvxoICGvlm%2FOs6TyV7X8OWZ9AT4r3BNkmP4BZOH3lNRJxIbJiQIowEm%2FAr202akyfzefh%2BRm%2BGRGLj%2FChC%2BKKLnCYRk657xF38zSQldXp%2BfY%2BmKCPQaLpcV8KoW0HKRsS6klIwHSqFXNSwvlbjzYquAvm8vZHMwiPimsgY6oAF3BhHHvxwmZ6N6TSRN0Yq%2BhwYh1VRvyyW8llig81RWbJkVID4d42Zf5o8M9k20i927O8Fa4GKn9pcqLZSVgbC9Y%2Fvz9CESFzyZddxv6ZepIV7Dehjo7ESl5Xtm6Glj4NQznASPg%2B3iI2WP0HMyA%2FzCMuYTvaDUaOzgClR%2BQKYFEkIXcj4jCwtzsnpReHmfQW6aXuodPFH9RdjphijHjjvs&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240519T093121Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA6FFT7S4BZ4TFMCI5%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=805b54d267ab2df286dd9888184ffaf71b60557e0f1b88e78c28ba3de5ad8652",
"SMALL": "https://gb-prod-doc-source.s3.amazonaws.com/5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303/1716048936962-62cd64e3c78ceac9b28d07615056620eb3c41ba49156b8f5979eac81eaa1f720/PDF_SMALL?response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27SMALL&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJn%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJIMEYCIQCderu0vseAlQ%2Bxbx8iWzr3ebx7kfpN6u8VUg12OYs4kQIhANjExFWpPdLhbp%2FXQOMRLrG5VdLrAfcNSIFOAYLeCHpNKtMDCBIQABoMOTczMTg3NTUzMDI3Igz%2BK62jK8e7gkr047oqsANlL%2FKP0W4fLKRZadh9CK5u0BYJWVQwarmD2xj6ypqfsHTVuquxN8hog3nwt4pWvts3sxfG2n3rcYdye2vkNrPws4DGDTkt%2FDYAacilQL0rWROqw5pDSF3pTzCFHf06IcPz%2BTSAGc94zwlmJA0dtR%2Bbqz4bOwYKnaXfv4jBwe3KKShgmAT0IeBICKmAKkLZ0B%2FjRtQvcf7ee6jYqa%2Ff4zrqB9PxzJGXqMbnmoGmZ7ROHSE2dcexnOtw7%2F68rf34v1tc7I1UwuWMrYHHfTuEJAMszRDi73OixDyYP4tA9B%2B0Qpi0%2BKN4QdzgpzsS5nxDOXkwZ2YC%2BaDSmmmsgMI8AwBf9OaBDzpkbMQ7dbO5IP79%2FHKOl0KCy3nrHkfLY%2FCWxTmUiyrA5qmQkSc0ytOty0rdku5RCyEubXyUcSvxoICGvlm%2FOs6TyV7X8OWZ9AT4r3BNkmP4BZOH3lNRJxIbJiQIowEm%2FAr202akyfzefh%2BRm%2BGRGLj%2FChC%2BKKLnCYRk657xF38zSQldXp%2BfY%2BmKCPQaLpcV8KoW0HKRsS6klIwHSqFXNSwvlbjzYquAvm8vZHMwiPimsgY6oAF3BhHHvxwmZ6N6TSRN0Yq%2BhwYh1VRvyyW8llig81RWbJkVID4d42Zf5o8M9k20i927O8Fa4GKn9pcqLZSVgbC9Y%2Fvz9CESFzyZddxv6ZepIV7Dehjo7ESl5Xtm6Glj4NQznASPg%2B3iI2WP0HMyA%2FzCMuYTvaDUaOzgClR%2BQKYFEkIXcj4jCwtzsnpReHmfQW6aXuodPFH9RdjphijHjjvs&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240519T093121Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA6FFT7S4BZ4TFMCI5%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=44c9bab4aacc25089958a2d6f721cf931fa5be1cbf03e24eb19aff70db65e39a",
"SMALL_HQ": "https://gb-prod-doc-source.s3.amazonaws.com/5347a27512a4f5a1c0ed4b7e965210deecbb6b806a23034ce799614ca32a8303/1716048936962-62cd64e3c78ceac9b28d07615056620eb3c41ba49156b8f5979eac81eaa1f720/PDF_SMALL_HQ?response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27SMALL_HQ&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJn%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJIMEYCIQCderu0vseAlQ%2Bxbx8iWzr3ebx7kfpN6u8VUg12OYs4kQIhANjExFWpPdLhbp%2FXQOMRLrG5VdLrAfcNSIFOAYLeCHpNKtMDCBIQABoMOTczMTg3NTUzMDI3Igz%2BK62jK8e7gkr047oqsANlL%2FKP0W4fLKRZadh9CK5u0BYJWVQwarmD2xj6ypqfsHTVuquxN8hog3nwt4pWvts3sxfG2n3rcYdye2vkNrPws4DGDTkt%2FDYAacilQL0rWROqw5pDSF3pTzCFHf06IcPz%2BTSAGc94zwlmJA0dtR%2Bbqz4bOwYKnaXfv4jBwe3KKShgmAT0IeBICKmAKkLZ0B%2FjRtQvcf7ee6jYqa%2Ff4zrqB9PxzJGXqMbnmoGmZ7ROHSE2dcexnOtw7%2F68rf34v1tc7I1UwuWMrYHHfTuEJAMszRDi73OixDyYP4tA9B%2B0Qpi0%2BKN4QdzgpzsS5nxDOXkwZ2YC%2BaDSmmmsgMI8AwBf9OaBDzpkbMQ7dbO5IP79%2FHKOl0KCy3nrHkfLY%2FCWxTmUiyrA5qmQkSc0ytOty0rdku5RCyEubXyUcSvxoICGvlm%2FOs6TyV7X8OWZ9AT4r3BNkmP4BZOH3lNRJxIbJiQIowEm%2FAr202akyfzefh%2BRm%2BGRGLj%2FChC%2BKKLnCYRk657xF38zSQldXp%2BfY%2BmKCPQaLpcV8KoW0HKRsS6klIwHSqFXNSwvlbjzYquAvm8vZHMwiPimsgY6oAF3BhHHvxwmZ6N6TSRN0Yq%2BhwYh1VRvyyW8llig81RWbJkVID4d42Zf5o8M9k20i927O8Fa4GKn9pcqLZSVgbC9Y%2Fvz9CESFzyZddxv6ZepIV7Dehjo7ESl5Xtm6Glj4NQznASPg%2B3iI2WP0HMyA%2FzCMuYTvaDUaOzgClR%2BQKYFEkIXcj4jCwtzsnpReHmfQW6aXuodPFH9RdjphijHjjvs&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240519T093121Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA6FFT7S4BZ4TFMCI5%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1860c2e9c4aaabf995daa4cd4cd1e1f71ed1f93b11e5a890eb6cd9fe63e00800"
}
},
"ResourceState": "ACTIVE"
}
一番下のResourceStateがACTIVEになっていました。
HTB{AWS_WORKDOCS_CAN_HAVE_USEFUL_STUFF}を送信したら正解した(記憶がある、あやふやなのでもしかしたらその前に送信していたやつで正解していた可能性もあるが)
おわり
別解ではないが、なんか違う感じだったので記録として残します。CTF自体はとても楽しかったですが、もっと取り組んでいかないと解けないよなという思いもありました。
