Businesses that reach out to their customers deep trust and provide an important anchor in uncertain times that will pay off with future business A friend recently complained that her dentist’s…
Hi there! In order to properly inaugurate this page, we’ll be disclosing the agent — A LetsDefend Challenge.
We reached the data of an agent leaking information. You have to disclose the agent.
Note: pcap file found public resources.
If you plan on doing the LetsDefend challenge, I strongly recommend trying to do it by yourself before reading!
First step was to open the PCAP file in a network protocol analyzer, for this task I’ll be using Wireshark so we can better analyze the traffic data.
Having in mind that our first goal is to find a secret e-mail address, we can start by searching for the SMTP (Simple Mail Transfer Protocol) on Wireshark.
Looking at the traffic data, we can already detect some valuable information:
Assuming this is Ann’s computer (EHLO annlaptop), we could find her credentials by decoding her username and password values.
Now that we have Ann’s credentials, we should analyze if we can find more information about her e-mail changes.
In the highlighted line, it’s possible to find the body of an e-mail message, that could be the person Ann has been trading e-mails with.
Looking at the rest of the packet there’s more suggestive messages that indicates that this person could be Ann’s secret lover.
We can also find an attachment file at the end of the message.
By following the TPC stream and going back to the attachment information inside of the e-mail, we can find the code of the file, which according to the content-transfer, is encoded in base64.
In order to extract the file, we can take the code and put it into a decoder tool.
Opening the file “application.docx” we have the place where Ann wants to meet.
Once you have the file, you can open the terminal and check out its MD5 hash by using the command certutil.
That way the challenge is completed! Thank you for reading.
Parkour is a dangerous and exhilarating sport that has quickly become popular around the world. It’s also been credited with helping to revive interest in physical activity, both for those who…
So what do you do if you experience the weepy waves of sad? I’ve come up with a list here that explains what I do when I hit the emotion ocean, and they might just work for you too. Like most things…
Time management is something I definitely want to work on. I tend to always leave assignments to the last minute because I feel like I work better under some pressure. I want to finish assignments…