Attention! "Ulysses" is no longer active and will not contribute to leaderboard points. However, you can still solve the lab and explore avaliable walkthroughs to gain valuable experience.
Unzip the challenge (pass: cyberdefenders.org), investigate this case, and answer the provided questions.
Use the latest version of Volatility, place the attached Volatility profile "Debian5_26.zip" in the following path volatility/volatility/plugins/overlays/linux, and verify the profile is listed there as in the following screenshot.
A Linux server was possibly compromised, and a soc analyst is required in order to understand what really happened. Hard disk dumps and memory snapshots of the machine are provided in order to solve the challenge.
Challenge Files:
victoria-v8.kcore.img: memory dump done by dd’ing /proc/kcore.
victoria-v8.memdump.img: memory dump done with memdump.
Given the sheer volume of email requests, our team might take longer to get back to you. Want a quick answer? Post in our community where our team & members respond promptly!
