No more kid's play: Difference between revisions

From Pessin randon wiki

Revision as of 15:44, 9 September 2022

Description

150pts

You are called into a school board meeting; some police cyber unit officers are present. Everybody is dead serious.

It appears it was NOT a kid hacking the school systems; an actual hacker used the school's infrastructure to plan and carry out attacks against other targets.

School IT gave you the packet capture from the computer that the attacker was using to hack the SQL server.

IT analysed the file and identified that some traffic was tunneled out of the school network. They could not identify what it was.

Can you help the authorities track the mysterious attacker?

Question

Can you identify the tunneling protocol and decode the data?

http://shared.target05/school-noc-dump.pcapng

Solution

Tools

Flag