Description Link to heading

Someone hacked my server :( Can you please find out how? Note: Flag is n00bz{md5sum(vulnerableService_serviceVersion_attackersFirstBashCommandOnTheHackedServer)}

Replace the md5sum(…) with the ACTUAL MD5SUM of the above when you find it, like so: echo -n vulnerableService_serviceVersion_attackersFirstBashCommandOnHackedServer | md5sum Also, case and underscores are important!

Attachement : dump.pcap

Solving Link to heading

The given file is a pcap file, so open it up in Wireshark. we can follow the TCP Stream.

dump.pcap dump.pcap

echo -n vsFTPd_2.3.4_id | md5sum # a806fef72a92508b7a64776bb83ad4cb

Result Link to heading 

n00bz{a806fef72a92508b7a64776bb83ad4cb}