Description
In June 2023, an operator of vital importance falls victim to an attack that compromises its entire information system. You received the Linux and Windows logs and must answer the investigators’ questions.
This challenge is part of a serie. The parts are numbered in the chronological order of the attack, but it is not necessary to solve them in order :
- SOCrate 1/6 - Technologie
- SOCrate 2/6 - Reverse shell
- SOCrate 3/6 - Outil téléchargé
- SOCrate 4/6 - Latéralisation
- SOCrate 5/6 - Vol de clés
- SOCrate 6/6 - Outil utilisé
The attacker used the reverse shell from the previous question to download a tool. Then, he executed this tool.
Find the URL of the download and find the original name of the tool (the binary having been renamed).
Flag format: FCSC{URL|ORIGINAL_NAME}
Example: FCSC{https://10.42.43.44/toto|nmap}
Files
-
socrate.tar.xz
237.27 MiB – f2ac337b372fba041ecccb20d18cf00401ab428457a68460bdfef4090e2b2313
Author
Flag
Submit your solution
You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.
You need to be logged in to submit a writeup.
Writeups
There are no public solutions for this challenge yet, but you can submit yours after getting the flag.