[+] Hacking/[-] Challenge Report 썸네일형 리스트형 Codegate 2012 Forensic 400 풀이 풀다 보니 벌써 400점 문제네요 :) 이번 문제의 지문부터 봐 볼까요? In Energy corporate X which is located in Seoul, APT(Advanced Persistent Threat) was occurred. For 6 months, Attacker A has stolen critical information with an elaborate attack. Attacker A exerted great effort to remove his all traces such as malicious file, prefetch, registry and event logs for the period of attacking, so it was hard for Energy Corporate.. 더보기 Codegate 2012 Network 200 풀이 이번에는 Network 200점 문제를 풀어보도록 하겠습니다. 개인적으로 시간이 제일 많이 걸렸던 문제네요 ㅠㅠ.. 일단 지문부터 읽어보도록 하죠! To whom it may concern to DoS attack. What is the different between attack and normal traffic? Attached PCAP file is from suspicious client PC which may be infected. If you find TOP 4 targeting address, let me know exactly information such as below. Answer: COUNTRY_NAME_TOP1(3)COUNTRY_NAME_TOP2(13)COUNTRY_NAME_TOP.. 더보기 Codegate 2012 Forensic 300 풀이 오늘 참 버닝하는 것 같습니다 :) 한번 풀기 시작하니 계속 생각이 나는군요. 정말 이것만 하고 이제 제 할일을 해야 겠습니다. 일단 문제는 아래와 같습니다. IU is investigating the system which was contaminated by malicious code. As a result of analyzing TimeLine, it seems to be contaminated after February 9th 2012. Contaminating path would be from visiting Web page. IU analyses various user traces of Internet, however IU can't find malicious URL. Maybe traces w.. 더보기 Codegate 2012 Network 100 풀이 처음에 흥미를 가진 문제였지만 "포렌식 문제를 보자" 해서 조금 뒤로 미뤄뒀던 문제였습니다. 포렌식 문제도 2문제 정도 풀었으니 "한번 풀어보자" 라는 생각이 들어 풀다보니 엉겁결에 풀린 것 같네요 ^^; 일단 문제는 아래와 같습니다. Someone have leaked very important documents. We couldn't find any proof without one PCAP file. But this file was damaged. ※ The password of disclosure document is very weakness and based on Time, can be found easily. Cryptographic algorithm is below. Msg = "ThisIsN.. 더보기 Codegate 2012 Forensic 200 풀이 이번에는 200점 문제를 풀어보도록 하겠습니다. 이번 문제도 7z 압축 포맷으로 되어 있어 압축을 풀면 100점 문제와 동일하게 Users 폴더가 나옵니다. 일단 문제를 살펴보도록 하죠. When IU who lives in Seoul tried to do SQL Injection attack a certain WEB site, suddenly the browser was closed abnormally. What is the SQL Injection value she tried to enter and when the browser was closed? The time is based on Korea Standard Time(UTC +09:00) Time Format is YYYY-MM-DDThh:mm:.. 더보기 이전 1 ··· 4 5 6 7 8 9 10 ··· 12 다음