forensicsmedium

Kapten Strang

undutmaning

Task: PCAP file with captured submarine communication containing remote shell session. Solution: Reconstruct TCP stream to find RAR password in command, extract binary data, recover flag from PNG EXIF metadata.

$ ls tags/ techniques/

pcap remote_shell rar exfiltration tcp_stream exif password_protected

tcp_stream_reconstructionbinary_extraction_from_pcappassword_recovery_from_trafficexif_metadata_analysis

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Create a free account with GitHub, then upgrade to Pro.

$ssh [email protected]