You received a call from a customer (ACME) saying that there has
been an accident at their factory and they want you to rule out any
foul play. They have provided a packet capture for you and said
that there have been many spear phishing attempts as of late
targeting their company.
This is part 5 of 6 in a
packet capture analysis challenge.
The pcap file can be found in the first part.
Hint: "I am the big brother. I am more complicated than my little
brother. Can you figure out how I operate and make me spill my
secrets?"
Note: If you are using the packet capture challenge as part of your
application, please report it as you would to a customer, meaning that
the whole target audience is able to understand the contents of the report.
Your report should answer at least the following questions: What has happened?
What was the timeline of the events? What kind of information or data
has been stolen? What do you know about the attacker?
You get 200 points for this challenge.
Solvers:
no one
pcap
2018