Task 01: Introduction
- Download the File
- Open with Wireshark
When did it all start?
Open packet 1; layer 1 reveals the timestamp
Enter Format (MMM DD, YYYY)
What is the domain name?
Check the DNS (use filter
What is the EMAIL Sending Protocol & Port?
What is the EMAIL Receiving Protocol?
RFC 918; wiki
Task 02: Find the Mails
As we already know the email protocols that were used in these logs, let’s find the emails.
Who received the First email?
email receiving protocol was
filter the results
read the first
Who sent the First Email?
- Same task 2.1 reveals the
There is a ‘Super Hero Reference’; who is he?
read the first email reply. (filter:
filter the logs
follow the streams; change stream here.
Uhmm, Babe is mad! Our guy sent a hint to the other guy. What did he say?
read the emails, you’ll find a reference what
ans is in
tcp.stream eq 20
What is the username for the Computer Network?
outgoing email stream
What is the password for the Computer Network?
- follow the task 2.6
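Added example (not part of the original walkthrough): a small Python parser that pulls the envelope sender, recipients, subject and body out of the client side of an SMTP conversation, as saved from Wireshark's Follow TCP Stream. The sample stream, addresses and the function name parse_smtp_stream are constructed for illustration and are not taken from the capture.

```python
import re
from email import message_from_string

# Constructed sample: client-to-server half of one SMTP conversation,
# as saved from "Follow TCP Stream". All addresses and text are made up.
SAMPLE_STREAM = (
    "EHLO workstation.example.test\r\n"
    "MAIL FROM:<alice@example.test>\r\n"
    "RCPT TO:<bob@example.test>\r\n"
    "RCPT TO:<carol@example.test>\r\n"
    "DATA\r\n"
    "From: Alice <alice@example.test>\r\n"
    "To: bob@example.test\r\n"
    "Subject: Lunch\r\n"
    "\r\n"
    "See you at noon.\r\n"
    "..hidden dot-stuffed line\r\n"
    ".\r\n"
    "QUIT\r\n"
)

ENVELOPE = re.compile(r"^(MAIL FROM|RCPT TO):\s*<([^>]*)>", re.IGNORECASE)

def parse_smtp_stream(stream):
    """Return one dict per message: envelope fields plus parsed headers."""
    messages, current, in_data, data = [], None, False, []
    for line in stream.split("\r\n"):
        if in_data:
            if line == ".":  # a lone dot ends the DATA section
                msg = message_from_string("\r\n".join(data))
                current.update(subject=msg["Subject"],
                               header_from=msg["From"], body=msg.get_payload())
                messages.append(current)
                current, in_data, data = None, False, []
            else:
                # Undo dot-stuffing: a leading dot was doubled by the client
                data.append(line[1:] if line.startswith(".") else line)
            continue
        m = ENVELOPE.match(line)
        if m and m.group(1).upper() == "MAIL FROM":
            current = {"mail_from": m.group(2), "rcpt_to": []}
        elif m and current is not None:
            current["rcpt_to"].append(m.group(2))
        elif line.upper() == "DATA" and current is not None:
            in_data = True
    return messages
```

The envelope sender (MAIL FROM) and the From: header are reported separately because they can differ, which is worth checking when deciding who really sent a message.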
Task 03: Twisters
Who sent the bad word about ‘Monitor’?
read the emails
you’ll discover a new email address.
He sent a very compelling evidence email.
What was the name of the executable file?
- read the
- you’ll find this file
What is the IP address of the attacker?
- read the
- ans is the source IP address, from where the exe file was downloaded.
Task 04: Rescue
Our hero sent an SOS to?
Oliver sent an email to someone seeking help
Filter on smtp and read the emails; you’ll discover another new email address
- ans is in task 4.1