https://www.bnd.bund.de/DE/Karriere/Forensik_Challenge/Forensik_Challenge_node.html
md5
f5b3487acc8509a83e09e4bf8b6faf35 challenge.ova
sha1
5880d493d6a49393755086282d7633a51aff8d54 challenge.ova
sha256
367daf77dc630c4fee4a2154fda060b5ca41d98659985ca61fdabac238fd30c4 challenge.ova
hacker:abcd1234
- Describe the vulnerability the hackers could exploit to infiltrate the system. Which vulnerability has been used? Provide a PoC (Proof-of-Concept) for it.
- How could the attackers gain root access? Describe the vulnerability and determine the new root-password. 3. What data was put onto the system? how was the data hidden? Name the flag
- solution.md contains the solution (SPOILER ALERT!!)
- Szenario.pdf contains the original Szenario.pdf specification (in german) (also available in the "source"-link at the beginning of this readme)
- Szenario.txt - original Szenario.pdf converted to text (for security-concious people not wanting to open unchecked pdf files)
- assets - folder containing interresting files during the investigation
I discovered the solution by golem after analyzing the file.
Also, i am not interrested in a job at the BND.
I did this analysis purely out of fun and for no personal gain.