What is the computer's name?
What is the time zone of the compromised machine? Format: UTC+0 (no-space)
What was the first vulnerability the attacker was able to exploit?
What is the OS build number?
How many users are on the compromised machine?
What is the webserver package installed on the machine?
What is the name of the vulnerable web app installed on the webserver?
What is the user agent used in the HTTP requests sent by the SQL injection attack tool?
The attacker read multiple files through an LFI vulnerability. One of them is related to network configuration. What is the filename?
The attacker tried to update some firewall rules using the netsh command. Provide the value of the type parameter in the executed command.
How many users were added by the attacker?
When did the attacker create the first user?
What is the NThash of the user's password set by the attacker?
What is the MITRE ID corresponding to the technique used to keep persistence?
The attacker uploaded a simple command shell through a file upload vulnerability. Provide the name of the URL parameter used to execute commands.
One of the files uploaded by the attacker has an MD5 that starts with "559411". Provide the full hash.
The attacker used command injection to add user "hacker" to the "Remote Desktop Users" group. Provide the IP address that was part of the executed command.
The attacker dropped a shellcode through an SQLi vulnerability. The shellcode was checking for a specific version of PHP. Provide the PHP version number.
Unzip the challenge (pass: cyberdefenders.org)
A company’s web server has been breached through their website. Our team arrived just in time to take a forensic image of the running system and its memory for further analysis.
As a SOC analyst, you are tasked with mounting the image to determine how the system was compromised and the actions/commands the attacker executed.