Attacker Message - SMP CTF 2024 - Selection Round

Posted on January 1, 2025 by rahisec

As we've discovered attacker got a reverse shell and communicating using a custom port 1337 .so hacker might write someting on the victim machine to deliver his message.

so i filtered out all the tcp communication which are using port 1337 and carefully analyzed each request.

And i found this ...

after following the tcp stream in this traffic i got

This was ultimately the hacker's message.