In this article, I will be providing a walkthrough for the Overpass 2 - Hacked room, a free room available on the TryHackMe platform created by NinjaJc01. I have provided a link to the TryHackMe platform in the references below for anyone interested in trying out this free room.
This is a walkthrough room and not your conventional CTF room; however, this article will still contain some spoilers. I believe you will enjoy this room more if you attempt it yourself first and then come back to this article if you get stuck or need a hint!
The following background is provided for this free room.
Overpass has been hacked! The SOC team (Paradox, congratulations on the promotion) noticed suspicious activity on a late night shift while looking at shibes, and managed to capture packets as the attack happened.
Can you work out how the attacker got in, and hack your way back into Overpass’ production server?
The room starts by providing a PCAP file that contains the packets captured during the attack. There are five questions that need to be answered by forensically analyzing the captured network packets. Using Wireshark, I opened the PCAP file to analyze the network packets and start answering the questions.