Wrong Spooky Season
Personal Rating: Easy
I personally really enjoy forensics challenges. There were the files dissections.txt and capture.pcap
Checking the capture and looking at the streams, there was an interesting http stream in which I could find malicious activity
Following that stream there was a call with some encoded string:
The string "==gC9FSI5tGMwA3cfRjd0o2Xz0GNjNjYfR3c1p2Xn5WMyBXNfRjd0o2eCRFS" could be reversed with rev and base64 decoded with base64 -d to get the flag. From the format it was obvious that we had a reversed base64 string.
echo ==gC9FSI5tGMwA3cfRjd0o2Xz0GNjNjYfR3c1p2Xn5WMyBXNfRjd0o2eCRFS | rev | base64 -d > flag.txtLast updated