University of Cincinnati Logo


Analyze Software From Captured Laptop

A military organization captured a laptop of a known explosives expert within a terrorist organization. Further analysis revealed that the laptop contained a debug version of the remote client interface that the individual used to communicate with the IEDs. To help detect other client programs in use, we are cataloging binary signatures and basic network signatures for every version of the IED software we find. To support these efforts, your task is to compute the SHA256 hash of the client binary and identify the source and destination TCP ports that it uses when connecting to an IED.

captured file: client

source: Codebreaker Challenge, 2016

solution: solution

Paul Erdos
Ladies on Campus
Oscar Robinson