THM - Cat Pictures 2

Francesco Pastore
4 min read · Feb 15, 2025

A writeup for the room Cat Pictures 2 on TryHackMe

Now with more Cat Pictures!

Footprinting

We can start with an nmap scan, which finds five open ports, three of them publicly accessible web servers.

nmap -sS <HOST>
22 -> SSH
80 -> Lychee Photo Album
222 -> Gitea SSH (?)
3000 -> Gitea
8080 -> python server (?)

First flag

Finding interesting metadata

We try to take a look inside the Lychee photo album.

In the info of the first image we can see a comment about removing the metadata.

Once the image is downloaded, we can check its metadata with exiftool, looking for additional information.

exiftool image.jpg
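
Seen from the side of whoever publishes the album, the same check can run before upload. The following is an added example, not part of the original writeup or of Lychee: it walks the JPEG segment structure, reports the segments that usually carry metadata (APP1 for Exif/XMP, APP13 for IPTC, COM for comments) and returns a copy without them. The sample bytes and all function names are constructed for illustration.

```python
import struct

STANDALONE = {0x01, *range(0xD0, 0xD8)}  # TEM, RST0-RST7: no length field
METADATA = {0xE1: "APP1", 0xED: "APP13", 0xFE: "COM"}  # Exif/XMP, IPTC, comment

def segments(data):
    """Yield (marker, start, end) for every segment up to and including SOS."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker in STANDALONE:
            yield marker, pos, pos + 2
            pos += 2
            continue
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length
        if length < 2 or end > len(data):
            raise ValueError(f"truncated segment at offset {pos}")
        yield marker, pos, end
        if marker == 0xDA:  # SOS: compressed image data follows
            return
        pos = end

def find_metadata(data):
    """Return (segment name, first 40 payload bytes) per metadata segment."""
    return [(METADATA[m], data[s + 4:e][:40])
            for m, s, e in segments(data) if m in METADATA]

def strip_metadata(data):
    """Return the JPEG bytes with all metadata segments cut out."""
    out, last = bytearray(), 0
    for m, s, e in segments(data):
        if m in METADATA:
            out += data[last:s]
            last = e
    return bytes(out + data[last:])

def seg(marker, payload):  # helper to build the constructed sample
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed JPEG skeleton (not a decodable picture): JFIF, XMP, COM, SOS.
SAMPLE = (b"\xff\xd8" + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + seg(0xE1, b"http://ns.adobe.com/xap/1.0/\x00<dc:title>constructed note</dc:title>")
          + seg(0xFE, b"constructed comment") + seg(0xDA, b"\x00" * 6) + b"\x12\x34\xff\xd9")

print(find_metadata(SAMPLE), find_metadata(strip_metadata(SAMPLE)))
```

Removing APP1 also drops the Exif orientation tag, so images that rely on it should be rotated before stripping.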

The secret note

Written by Francesco Pastore

An engineering student in Milan and a web developer for an IT company. Write about programming and cybersecurity topics.
