Skip to main content

Day 1: Infiltration

challenge description
We got a hold of an internal communication tool being used by the elves,
and managed to hook it up to their server. However, it won't let us see their secrets?
Can you take a look inside?

Starting

We are given a binary called client. It seems like it wish to connect to some remote IP and port. Maybe we can let it connect to the docker instance provided?

~/De/C/CyberSantaCTF2021/reversing/rev_infiltration ❯ ./client 68.183.40.128 32319
[!] Untrusted Client Location - Enabling Opaque Mode

Hmm... Nothing much? Let's see what goes on in wireshark. Filtering by IP, we get the flag!

Captured stream

Flag

HTB{n0t_qu1t3_s0_0p4qu3}