Operation: Ghost Identity

The challenge mentioned a mysterious ami. For those who are unware, ami is Amazon Machine Image (AMI) is an image that provides the software that is required to set up and boot an Amazon EC2 instance.

Searching for the AMI accross different region, we managed to find it in us-west-1.

We then follow AWS instruction on the AWS Console to deploy the instance. After depoloying we are able to remote desktop into the EC2 instance.

Doing some manual enumeration, we found a suspicious file in the download folder.

Copying the file out and running strings on it, we got the flag after base64 decoding the strings.