PCAP file contains a recorded conversation between a DNS client and a server, where DNS queries and CNAME responses seem to contain encoded messages:Ĭlose examination of the server code reveals that DNS queries and responses are used as transport for a remote shell session. In this challenge we are given a PCAP file dump.pcap and a Python source code for the server - server.py. They just sent us this and said we should be able to recover everything we need from it. But apparently they managed to lose the secret document they extracted. We hired somebody to gather intelligence on an enemy party.
0 Comments
Leave a Reply. |