Forenzeek - Latéralisation

forensics logs FCSC 2026 solved on

star star

Description

Following the initial compromise you analyzed, the attacker apparently didn’t stop there! It seems the network administrator detected unusual activity on their network administration machine. Can you identify the UID of the connection that allowed the attacker to compromise the administrator’s machine? (e.g., 1ac41a8ff0fd305679)

The flag is in the format FCSC{uid} (e.g., FCSC{1ac41a8ff0fd305679}).

Files

  • forenzeek.csv.gz
    2.64 MiB – 4d83ad45f928e87d52d776e7e064dd62d912055ee8160cdfce6a1b23a5be77c3

Author

mln

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags
2026-05-14
noahlgrd01
🇫🇷