forensics

Cyber Apocalypse 2023

Roten

Solved by : thewhiteh4t

  • A PCAP file is given again
  • Apply a filter to view only POST requests :
http.request.method=="POST"
  • In one of the requests we can see that a PHP file named galacticmap.php is uploaded

  • It is an obfuscated PHP file; its last line of code calls the eval function
  • To de-obfuscate I commented out the eval and added an echo

  • After running this PHP file we can get the flag
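The steps above can also be scripted. The following is an added example, not part of the original write-up: it pulls the uploaded file out of a multipart/form-data POST body and swaps the final eval( for echo( so the decoded layer is printed instead of executed. The boundary, the form field name and the PHP body are constructed samples; only the filename galacticmap.php comes from the challenge.

```python
import base64
import re
from email import message_from_bytes

def extract_uploads(content_type: str, body: bytes) -> dict:
    """Return {filename: bytes} for every file part of a multipart/form-data body."""
    # The MIME parser handles the body once it is given the request's Content-Type.
    header = b"Content-Type: " + content_type.encode() + b"\r\n\r\n"
    msg = message_from_bytes(header + body)
    return {part.get_filename(): part.get_payload(decode=True)
            for part in msg.walk() if part.get_filename()}

# Matches eval( and the error-suppressed @eval( form, but not e.g. medieval(
EVAL_CALL = re.compile(r"@?\beval\s*\(")

def defang_last_eval(php_source: str) -> str:
    """Replace the final eval( call with echo ( so the payload is printed, not run."""
    matches = list(EVAL_CALL.finditer(php_source))
    if not matches:
        raise ValueError("no eval( call found")
    last = matches[-1]
    return php_source[:last.start()] + "echo (" + php_source[last.end():]

# --- Constructed sample input (not taken from the challenge PCAP) ---
BOUNDARY = "----constructedBoundary"
_inner = base64.b64encode(b"echo 'constructed sample';").decode()
SAMPLE_PHP = f'<?php\n$a = "{_inner}";\neval(base64_decode($a));\n'
SAMPLE_BODY = (
    f"--{BOUNDARY}\r\n"
    'Content-Disposition: form-data; name="uploadedFile"; '
    'filename="galacticmap.php"\r\n'
    "Content-Type: application/x-php\r\n\r\n"
    f"{SAMPLE_PHP}\r\n"
    f"--{BOUNDARY}--\r\n"
).encode()

if __name__ == "__main__":
    ctype = f"multipart/form-data; boundary={BOUNDARY}"
    for name, data in extract_uploads(ctype, SAMPLE_BODY).items():
        print(f"--- {name} (defanged) ---")
        print(defang_last_eval(data.decode("utf-8", "replace")))
```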

Published on : 27 Mar 2023