Skip to main content
  1. Posts/

Write-Up Wander HTB

·2 mins· 0 · 0 ·
WriteUp HTB Challenge Hardware
Table of Contents

In this writeup I will show you how I solved the Wander challenge from HackTheBox. The challenge is an easy Hardware challenge. Let’s start!

Initial Analysis>

Initial Analysis #

The only thing that HTB is providing us is an ip address with the relative port, so first of all we can try to paste the ip address in our browser and see what happens. This is what we get:

Ok now we have to explore a bit the website so see if there is something interesting, maybe we can find some hidden directories or something like that. By clicking on the Job Controls we will be redirected to a new page:

PJL Commands>

PJL Commands #

I’ve never read about @PJL commands so I searched a bit on google and I found this link that explains what they are. Basically they are commands that can be used to control the printer. These are the most common commands:

Let’s try to use some of them to explore server’s filesystem. First of all we can try to use the FSDIRLIST command to list the content of the current directory:


Next, if we want to view the upper directory, we can this command:


Now we can see that is listed the home directory, mayber there is something interesting inside it. Let’s try to list its content:


The default directory seems interesting, let’s try to list its content:

@PJL FSDIRLIST NAME="0:/../home/default" ENTRY=1

Inside the default directory there is a file called readyjob, we need to see its content. To do that we can use the FSUPLOAD command in this way:

@PJL FSUPLOAD NAME="0:/../home/default/readyjob" 

We made it! Now we have the flag: