Note to fellow-HTBers: Only write-ups of retired HTB machines or challenges are allowed.

Challenge info

Infiltration [by greenwolf]
Can you find something to help you break into the company ‘Evil Corp LLC’. Recon social media sites to see if you can find any useful information.

The Challenge

One method of collecting info from public sites is to use Google Dorks. Google Dorks are filters you can use to get better search results.
We can use these to quickly scan social media websites for potentially interesting pages.

Note that these filters also work in DuckDuckGo, so you can OSINT while still caring about your privacy.

PS: In case you missed it, “Evil Corp LLC” is a reference to USA Network’s Mr. Robot ;)


Since we’re looking for a corporation, LinkedIn is a good place to start off with.

Using the Evil Corp LLC we find the LinkedIn company page of Evil Corp LLC.

We find what looks like a HTB-flag in the company’s description: HTB{WW91IGNhbiBkbyB0aGlzLCBrZWVwIGdvaW5nISEh}.

LinkedIn - Evil Corp LLC

However, this isn’t the one we’re looking for.
Decoding the base64 body of the flag, we get an encouraging message.

$ echo "WW91IGNhbiBkbyB0aGlzLCBrZWVwIGdvaW5nISEh" | base64 -d -
You can do this, keep going!!!


Next up: Twitter. Evil Corp LLC

This leads us to the company Twitter run by USA Network, its CEO, and more.

It even leads to a Twitter post talking about DoD crests? However, this is a dead end as well. Could be a false flag. Notice that Alia does seem to work for Evil Corp LLC… (that’s why this tweet ended up in the Google results)

Facebook Evil Corp LLC leads to multiple different profiles, none of which contain a flag.


Now that we’re through the 3 big ones, let’s focus on the smaller(?) networks. Evil Corp LLC has some nice results.
We find what’s probably the company profile and the profile of one of its employees.

The third Google result is one of this employee’s (Eryn) pictures, which she took on her first work day at Evil Corp LLC. It’s a picture of her laptop and her badge.

Instagram - Picture by Eryn

If we look closer to the badge, we notice that just below the barcode there appears to be some text that looks to be in the HTB flag format.