Problem Statement
An anomaly was identified within our company's intranet when the
Development team discovered an unfamiliar file on one of our web servers.
Fearing possible malicious activity, the network team has captured a
pcap file containing essential network traffic for analysis,
which has been assigned to the security team for further investigation.
Based on the above scenario and the attached challenge File, Need to solve
Challenge NS1-NS6.
Understanding the geographical origin of the attack aids in geo-blocking
measures and threat intelligence analysis. What city did the attack originate
from?
Flag Format: BUBT{Answer}
Solution
While solving NS2, we found that a shell was uploaded to the victim’s website. By tracing that IP address using different "IP info" websites, we can find the answer.
Â