Pcap attack trace.

A packet analysis exercise that involves extracting and analyzing exploit code to understand how the attack was performed and what damage it caused.
# | Question | Weight | Solved
---|---|---|---
1 | What is the encryption type used in the TCP stream? | 50 | 40
2 | What is the name of the exploited service? | 100 | 23
3 | What is the operating system running on the targeted host? | 100 | 17
4 | What is the packet number for the initial stage of the exploit? | 100 | 32
5 | What is the CVE number of the exploited vulnerability? | 200 | 21
6 | What was the initial function call in Stage1? Provide the function name. | 250 | 5
7 | What are the XOR keys used in Stage1? (comma-separated). | 300 | 5
8 | What was the MAGIC constant sent to the server? | 300 | 4
9 | What was the XOR key used to decode stage2? | 300 | 3
10 | What is the name of the file created by stage2? | 300 | 3
11 | What is the content of the secret message? | 500 | 4