Index of Files for Honeynet Reverse Challenge

• README - a file describing the group of investigators
• advisory.html - advisory for a technical audience
• analysis.html - description of analysis of the binary
• answers.html - answers to the questions from the challenge
• costs.html - cost estimate
• decode-packets.pl - network packet decoder script
• decoder_output.txt - output from the decoder using the test data that was supplied
• decompile_final.c - the final reverse engineered pseudo C code
• decompile_with_libc.c - the decompiled binary with the standard C library functions identified
• decompile_with_syscalls.c - the decompiled binary with only the system calls identified
• dns_data.c - DNS data extracted from the binary
• dns_extract - perl script used to extract DNS data
• index.html - this file
• ip_addresses.txt - first 8000 IP addresses extracted from the binary
• ip_extract - perl script used to extract IP addresses
• proc_check - perl script that identifies which functions occur how many times in the decompiled code
• procedures.txt - a list of all functions from the decompiled code (used by proc_check and only included for completeness)
• pruneit - perl script to remove "dead" functions
• summary.html - the summary for a non-technical audience
• system_functions.txt - a mapping of system call functions to functions from the decompiled code
• the-binary.asm - assembly file of the binary
• the-binary.rec - initial decompiled code of the binary
• timestamp.html - file containing timestamps for html files (excluding itself) and tar file for the rest of the files