Magnet Weekly CTF Challenge Week #11

Part 1

What is the IPv4 address that myaccount.google.com resolves to?

At the start of the memory challenge I had ran bulk_extractor over the image while I was working on the other questions. Reading some of the other writeups and the discord posts, users had been using the .pcap generated from bulk_extractor to answer the network based questions. I decided to give it a go for these questions. By simply searching for the string “google” we can see a DNS packet querying the domain “myaccount.google.com”.

In one of the answers we have an A record that returns the IP address of the domain, 172.217.10.238.

Answer: 172.217.10.238

For this question, I’d be interested if you can find the answer in the DNS cache of the image using a Volatility plugin.

Part 2

What is the canonical name (cname) associated with Part 1?

In the same packet, we have the CNAME record answer for the domain that was requested.

Answer: www3.l.google.com

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Mandiant’s APT1 — A Deadly force

Copyright Infringement in the Digital World

Security at Speed: Modern Security and DevOps

Introducing Metta: Uber’s Open Source Tool for Adversarial Simulation

Protecting Tor on Linux From Malicious Exit Relays

{UPDATE} Spells of Genesis Hack Free Resources Generator

Moving to Multi-Signature Consensus — 29.12.2021

{UPDATE} Motor Bike Crush Simulator 3D Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
svch0st

svch0st

More from Medium

Milton Glaser–Animation and Website experience

Creating a student dashboard

HOW CRYPTOCURRENCY ACTUALLY WORK — Everything you need to know

What Is Shoe Maker Guild?