Description
The Antarctic Vault company offers its customers cold storage for better preservation. This storage is located deep under the Antarctic pack ice, within low-power nodes.
In these nodes, an application allows the storage of secrets and recovery via asymmetric authentication that meets the highest market standards. The connection of clients to the vaults is done using Wi-Fi terminals with a very high level of security.
However, this company, which hosts very sensitive FCSC data, has realized that a malicious actor managed to connect to one of its devices. A malicious access point presented itself to the node, and the node connected to it. The Security Operations Center was able to perform two captures: a network capture of the access point connection and a memory dump of the node prior to the malicious operations.
Can you find the secret that was exfiltrated?
This challenge has been split into two parts:
Files
- out.lime.xz: 36.71 MiB – 70c4afc26a1f18ee89132b7c16ff9203a5c82e36a02c21844fe661e83a10283b
- capture1.pcap: 3.40 MiB – 7be41705ea1cb9093e4083a382424f81c8e227f33128f7b15f2aafcbfdf1ed76
Author