Avatar

Labs / DNS Exfil

  • Daily Challenge
  • Released 07 Jul 2025
The lab needs to be started first.
Need help to start?
Daily Challenge

DNS Exfil - Challenge Description

Challenge Overview

Welcome to DNS Exfil! In this challenge, you'll analyze a network capture (PCAP) file to uncover data exfiltrated via DNS tunneling. This is a real-world technique used by attackers to bypass security controls and extract sensitive data from a network. Your mission is to identify the exfiltration pattern and recover the hidden flag.

Learning Objectives

  • Understand DNS tunneling and exfiltration techniques
  • Practice network traffic analysis using PCAP files
  • Develop skills in protocol analysis and data extraction
  • Recognize patterns of covert data transfer in DNS queries

Challenge Details

You are provided with a PCAP file containing DNS traffic. Some of the DNS queries are used to exfiltrate a flag, which is encoded and split across multiple requests. Your task is to analyze the DNS queries, reconstruct the exfiltrated data, and decode it to reveal the flag (in UUID format).