Baby XDP

misc network FCSC 2025 solved on

star star

Description

Where have my network packets gone?

In this challenge, we invite you to play with XDP.

An attacker has established a discreet communication channel between an infected machine and the network. Will you be able to retrieve the contents of the packets received on the network interface? tcpdump doesn’t seem to be working…

Notes:

  • To have a functional Ctrl-C, you can use stty -cooked -echo in your terminal after backgrounding your connection to the challenge made with nc.
  • To reproduce the challenge locally:
    1. Extract the archive with tar xf babyxdp.tar.xz.
    2. Start the Docker container with docker compose up --build.
    3. Connect to the local challenge with nc localhost 4000.
  • To connect to the machine, use the password “user”

Files

Author

gte

Challenge Instructions

  1. First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2025-misc-baby-xdp/docker-compose.public.yml -o docker-compose.yml
  2. Launch the challenge by executing in the same folder:
    docker compose up
  3. Then, in another console, access the challenge with Netcat:
    nc localhost 4000
⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags
2025-04-29
StroppaFR
🇬🇧