DNS C2 Analysis - Trick or Breach [HackTheBoo CTF 2022]
About this video
This challenge presents a PCAP with a bunch of DNS resolutions that are exfiltrating data. I'll start in Wireshark and identify what's happening, then switch to tshark to pull out those requests, and with some bash-fu convert them back into an .xlsx file.
[00:00] Introduction
[00:14] Opening PCAP, looking at Statistics ➡️ Conversations and Statistics ➡️ Protocol Hierarchy
[01:22] Looking at DNS queries, coming up with theory about DNS names
[01:41] Using tshark to pull out data
[04:00] Looking up file magic, seeing it's a zip file
[04:40] Using cut and xxd to get binary data
[06:02] Opening Excel file with unzip and finding flag with grep
[07:04] Installing LibreOffice and looking at resulting file
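The chapters above go from tshark output to a rebuilt file. As an added example (not the video's own commands), this bash script performs that reassembly on constructed query names, assuming the first label of each name is a hex chunk; `capture.pcap` and `exfil.example.test` are placeholders.

```bash
#!/usr/bin/env bash
# Added example, not the video's commands. Assumption: the first label of each
# query name is a hex chunk of the exfiltrated file, sent in order.

# Constructed sample of query names, one per line, in the form printed by
#   tshark -r capture.pcap -Y 'dns.flags.response == 0' -T fields -e dns.qry.name
# (capture.pcap and exfil.example.test are placeholders). Filtering on queries
# only keeps each chunk once instead of once per query and once per response.
sample_queries() {
  cat <<'EOF'
504b030414000600.exfil.example.test
www.example.test
ns1.exfil.example.test
0800000021006578.exfil.example.test
EOF
}

# extract_hex <domain>: keep names under <domain>, take the first label,
# drop labels that are not whole hex bytes, and join the rest into one line.
extract_hex() {
  awk -v s=".$1" 'length($0) > length(s) && substr($0, length($0) - length(s) + 1) == s' |
    cut -d. -f1 | grep -E '^([0-9a-fA-F]{2})+$' | tr -d '\n'
  echo
}

# hex_to_bin: hex on stdin, raw bytes on stdout (xxd if present, else printf).
hex_to_bin() {
  if command -v xxd >/dev/null 2>&1; then
    xxd -r -p
  else
    fold -w2 | while read -r b; do printf "\\$(printf '%03o' "0x$b")"; done
  fi
}

# rebuild <domain> <outfile>: query names on stdin -> reassembled file.
rebuild() { extract_hex "$1" | hex_to_bin > "$2"; }

# file_magic <file>: first four bytes as hex; 504b0304 is a ZIP local header,
# which is also how an .xlsx container starts.
file_magic() { head -c 4 "$1" | od -An -tx1 | tr -d ' \n'; }

out="$(mktemp)"
sample_queries | rebuild exfil.example.test "$out"
echo "magic=$(file_magic "$out") bytes=$(wc -c < "$out" | tr -d ' ')"
```

The unrelated name and the non-hex label in the sample are dropped before decoding, which is the same filtering a defender needs when separating tunnelled chunks from ordinary lookups in a capture.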
Video Information
Views: 2.0K
Likes: 65
Duration: 9:04
Published: Nov 1, 2022
Quality: hd