forensicseasy

Baby Exfil

uoftctf2026

Task: Analyze pcap file with captured network traffic to find exfiltrated data. Solution: Extract HTTP objects, find XOR encryption key in downloaded Python script, decrypt hex-encoded files to recover images containing the flag.

$ ls tags/ techniques/

xor pcap http wireshark exfiltration

xor_decryptionpcap_analysishttp_object_extractionmultipart_parsing

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Create a free account with GitHub, then upgrade to Pro.

$ssh [email protected]