top of page

HackTheBox Forensic Challenge - Deadly Arthrophod

For any HackTheBox Challenge you need to first look for Files that can be downloaded or Start instances with a given port on and for any zip file first password is always hackthebox.

So, I downloaded the zip file for this challenge and opened it with "hackthebox" password.

root@kali:~/Downloads# unzip


[] deadly_arthropod.pcap password: hackthebox

inflating: deadly_arthropod.pcap

Now, after researching about pcap I get to know that data can be extracted via tshark tool.

Use below command to extract data and save it in keystroke.txt

root@kali:~/Downloads# tshark -r deadly_arthropod.pcap -Tfields -e usb.capdata > keystroke.txt

Now, remove white spaces from the file and run command.

root@kali:~/Downloads# cat keystrokes.txt | awk 'NF' > pipe;cat pipe > keystrokes.txt

Now, it will give you a Flag with ">" & "<" now remove these symbol and arrange words accordingly. You will find a correct flag.

Please share your comments and If you enjoyed this blog post, share it with a friend! See you guys in next post soon.

18 views0 comments

Recent Posts

See All
Post: Blog2 Post