Forensic

Sunday 9 August 2020, 15:54  #1
Forensics - DNS Exfiltration
trtd
  • 1 posts

Hi.

So I know how the data is being transmitted in this challenge and I know what is being transmitted too. However, seeing as there are a lot of different "DNS queries", how am I supposed to know which ones are right? I can get the basic obvious ones, like the beginning part of it (trying not to spoil as much as I can here!) but the rest is unclear. I've tried tools to try and fix stuff but they didn't work.

Thanks in advance.

Friday 14 August 2020, 09:24  #2
Forensics - DNS Exfiltration
geronimo-ooo
  • 32 posts

Maybe you need to clear some data... If you know what sort of file it is, you should search if these files have a common signature at the beginning

Monday 15 March 2021, 09:37  #3
Forensics - DNS Exfiltration
joel7
  • 2 posts

Hello, I am kinda stuck on this one for days((. Perhaps you can give me an additional hint. Got a script in the wild that analyses DNScat traffic and writes out a PNG file, but I can't find anything in the PNG file.


flag-2.png (PNG, 15.6 kb)