forensicsPromedium

Офисный Хакер (Office Hacker)

duckerz

Task: Analyze pcap file with apparent DNS exfiltration traffic to find hidden data. Solution: Ignore the DNS red herring and extract flag parts embedded in pcap file structure at specific offsets using strings and hex analysis.

$ ls tags/ techniques/

steganography pcap red_herring ipp printer_protocol pcap_structure

pcap_structure_analysisoffset_extractionstring_searchhex_analysis

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[forensics][Pro]Офисный трафик (Office Traffic)— duckerz
[forensics][Pro]Сверхсекретный Шпион— duckerz
[forensics][Pro]Синий иней (Blue Frost)— duckerz
[forensics][Pro]Новый сотрудник (New Employee)— hackerlab
[forensics][Pro]Зашифрованный трафик (Encrypted Traffic)— hackerlab