1 of 1

An Evil Christmas Carol 1 and 2

Link to file:

An Evil Christmas Carol 1:

Briefing:

Like the others, you can just filter for http traffic and get the flag:

flag{205.185.125.104}

An Evil Christmas Carol 2:

Briefing:

We're looking for a domain, so it must be a dns query. Therefore filtering for DNS traffic and specifying the ip (10.0.0.163 as this is the infected client from part 1, and the infected client must've made the query) we can get the flag-

flag{vlcafxbdjtlvlcduwhga.com}

By das

An Evil Christmas Carol 1 and 2

Link to file:

File: https://tinyurl.com/y259doyq
Password: hacktober

An Evil Christmas Carol 1:

Briefing:

Like the others, you can just filter for http traffic and get the flag:

flag{205.185.125.104}

An Evil Christmas Carol 2:

Briefing:

flag{vlcafxbdjtlvlcduwhga.com}

By das

An Evil Christmas Carol 1 and 2

hashtagLink to file:

hashtagAn Evil Christmas Carol 1:

hashtagBriefing:

hashtagAn Evil Christmas Carol 2:

hashtagBriefing:

An Evil Christmas Carol 1 and 2

hashtagLink to file:

hashtagAn Evil Christmas Carol 1:

hashtagBriefing:

hashtagAn Evil Christmas Carol 2:

hashtagBriefing:

Link to file:

An Evil Christmas Carol 1:

Briefing:

An Evil Christmas Carol 2:

Briefing:

Link to file:

An Evil Christmas Carol 1:

Briefing:

An Evil Christmas Carol 2:

Briefing: