Category: forensics
Author: sAINT_barber
We saw the attacker gain access to our surveillance application and execute a few commands, but then the attacker disappeared, almost like they went through an underground tunnel... We still have the packet capture, if it can help you understand what they did.
Note: The solution to Underground Watch - Part 1 is required to solve this challenge.
Launch challenge:
curl -sSL https://raw.githubusercontent.com/cybermouflons/CCSC-CTF-2024/master/forensics/underground_watch_part_2/docker-compose.yml | docker compose -f - up -d
Shutdown challenge:
curl -sSL https://raw.githubusercontent.com/cybermouflons/CCSC-CTF-2024/master/forensics/underground_watch_part_2/docker-compose.yml | docker compose -f - down