Hack The Box – Keep Tryin’ (Forensics Challenge)

This packet capture seems to show some suspicious traffic. All that is provided for this challenge is a small PCAP, and the observation that it contains “some suspicious traffic”. Let’s go! Opening the PCAP in Wireshark we find that it only contains 26 packets. The first thing my eye was drawn to was the DNS […]

Hack The Box – Took the Byte (Forensics Challenge)

Someone took my bytes! Can you recover my password for me? This time all we are given is a single file named password, which is identified simply as data. Examining it in a hex editor doesn’t give many more clues. I began thinking that the data might be encrypted somehow, and threw it into CyberChef. […]

Magnet Weekly CTF – Week 12

The Magnet Forensics Weekly CTF has been running since October and sets one question each week using an image that changes each month. The October questions were based on an Android filesystem dump, and November’s related to a compromised Hadoop cluster built on Ubuntu Linux. The December challenges return to more familiar territory for me […]

Memlabs Memory Forensics Challenges – Lab 6 Write-up

Memlabs is a set of six CTF-style memory forensics challenges released in January 2020 by @_abhiramkumar and Team bi0s. I have been working on the Magnet Weekly CTF recently so the other write-ups I had in progress have been sitting partially finished for a while now. This write-up covers the final challenge – Lab 6 […]

Magnet Weekly CTF – Week 11

The Magnet Forensics Weekly CTF has been running since October and sets one question each week using an image that changes each month. The October questions were based on an Android filesystem dump, and November’s related to a compromised Hadoop cluster built on Ubuntu Linux. The December challenges return to more familiar territory for me […]