Skip to content

Instantly share code, notes, and snippets.

@RDxR10
Last active February 15, 2021 18:59
Show Gist options
  • Save RDxR10/8eddd8e0d809d28e09cfbcd649359e3c to your computer and use it in GitHub Desktop.
Save RDxR10/8eddd8e0d809d28e09cfbcd649359e3c to your computer and use it in GitHub Desktop.
Desc : Tyrell Wellick is hiding his Windows command-line shell activity using 192-bit key data. He thinks that nobody would get to know what he does. Prove him wrong by recovering the sensitive information to seek what he is hiding. Mr. Robot suggests that credentials may be hidden in this manner. File : https://shorturl.at/divGQ
$Key = 92,48,90,2,7,5,1,9,8,8,6,75,39,2,45,6,3,7,7,20,56,71,5,5
$encoded = "76492d1116743f0423413b16050a5345MgB8AFkAcwAyAG0AQQA2AGgAcABEADYAQgBIAEcAUwBFAE4AYgBiAHEATQAxAEEAPQA9AHwAYgA2AGEAYwA1ADUAOQAwADMAYQAyADkANwBlADkANwBhADEANgAxADQAOABkAGYAOAA5AGMANgBlADEAOQBjADQANwAzAGQANAA4ADQAYQAwADMAOQAxADUAOQBmAGEAZgA5ADgAYwBiADcAYwBiADAAYwBmAGEAMQA1ADQANQA2ADUAYgA5AGUAYwBlADIANgA4ADAAMAA5AGQAOQAzADMANwBiADMANAA4ADkAMQA3ADgAZABlADAAMQA0ADkAZQA2ADMAMwBhADAAMwBjADgAMQBlADIAYgAzAGYAMgAzAGMAZAA5ADIAYwAzADEANwA0ADkAYQA3AGYAMABkADkAYwA2ADkANQAyADUAOAA3AGYAZQA5AGMAMwAwADEANQAzAGEAMAA4AGIAMgBjAGIAZABiADkAMgAzAGQAMAA="
(New-Object System.Net.NetworkCredential("", (ConvertTo-SecureString -k $Key $encoded))).Password
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment