Step 1: Click on the green button to Start the Lab
Step 2: Hack the URL or IP of the lab
Step 3: Use your skills and logic to find the flags!
dns_exfil.pcap in Wireshark or your preferred network analysis tool.
dns
tshark installed, you can install it as follows:
# On Ubuntu/Debian:
sudo apt-get install tshark
# On macOS (with Homebrew):
brew install wireshark
# On CentOS/RHEL:
sudo yum install wireshark
tcpdump.
tshark to extract all DNS query names:
tshark -r dns_exfil.pcap -T fields -e dns.qry.name -Y 'dns'
www.google.com), but instead look like random strings followed by attacker.com.
YTdiM2M5ZDEtZTVmMi00YThiLTljNmQtM2U3ZjhhMmI1Yzlk.attacker.com
YTdiM2M5ZDEtZTVmMi00YThiLTljNmQtM2U3ZjhhMmI1Yzlk
echo 'YTdiM2M5ZDEtZTVmMi00YThiLTljNmQtM2U3ZjhhMmI1Yzlk' | base64 -d
a7b3c9d1-e5f2-4a8b-9c6d-3e7f8a2b5c9d
tshark -r dns_exfil.pcap -T fields -e dns.qry.name -Y 'dns' | grep 'attacker.com' | cut -d'.' -f1 | tr -d '\n' | base64 -d
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
a7b3c9d1-e5f2-4a8b-9c6d-3e7f8a2b5c9d
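Added example, not part of the original lab write-up: the tshark pipeline above recast as a Python detector that reads the query names tshark prints, keeps first labels that are long, base64-shaped and high in entropy, groups them by parent domain and decodes them. It goes beyond the single attacker.com case; the thresholds, the two-label parent-domain rule and all function names are assumptions.

```python
import base64
import binascii
import math
import re
from collections import Counter, defaultdict

MIN_LEN = 16       # assumption: shorter first labels are ignored
MIN_ENTROPY = 3.0  # assumption: bits per character, tune per network
B64_LABEL = re.compile(r"^[A-Za-z0-9_-]+$")  # base64 characters legal in a DNS label

# Constructed sample of `tshark -T fields -e dns.qry.name` output,
# built from the two query names shown on this page.
SAMPLE_QUERIES = """\
www.google.com
YTdiM2M5ZDEtZTVmMi00YThiLTljNmQtM2U3ZjhhMmI1Yzlk.attacker.com
"""

def entropy(text):
    """Shannon entropy of a string in bits per character."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def is_candidate(label):
    """True when a label is long, base64-shaped and high in entropy."""
    return (len(label) >= MIN_LEN and B64_LABEL.match(label) is not None
            and entropy(label) >= MIN_ENTROPY)

def decode_chunks(labels):
    """Join labels in capture order and base64-decode them; None if invalid."""
    joined = "".join(labels)
    joined += "=" * (-len(joined) % 4)  # restore '=' padding stripped for DNS
    try:
        return base64.urlsafe_b64decode(joined)
    except binascii.Error:
        return None

def find_exfil(query_names):
    """Map each parent domain to the bytes recovered from its suspicious labels."""
    chunks = defaultdict(list)
    for name in query_names:
        parts = name.strip().rstrip(".").split(".")
        if len(parts) >= 3 and is_candidate(parts[0]):
            # Assumption: the parent is the last two labels (no public suffix list).
            chunks[".".join(parts[-2:])].append(parts[0])
    decoded = {domain: decode_chunks(labels) for domain, labels in chunks.items()}
    return {domain: data for domain, data in decoded.items() if data is not None}

if __name__ == "__main__":
    print(find_exfil(SAMPLE_QUERIES.splitlines()))
```

Feed it real capture data with `tshark -r dns_exfil.pcap -T fields -e dns.qry.name -Y 'dns'` piped into a small wrapper that passes `sys.stdin` to `find_exfil`.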