Exfiltrated blue team ctf

Category : Digital Forensics

Disk

Linux

Keylogger

RedHat
765 Players
4.3 (88)
Medium
  • Q1

    What is the RHEL version installed on the machine?

    • Weight : 50 | Solved : 376
    • Weight : 50 | Solved : 375
    • Weight : 100 | Solved : 357
    • Weight : 50 | Solved : 319
    • Weight : 50 | Solved : 326
    • Weight : 100 | Solved : 337
    • Weight : 50 | Solved : 334
    • Weight : 100 | Solved : 323
    • Weight : 100 | Solved : 325
    • Weight : 50 | Solved : 315
    • Weight : 150 | Solved : 314
    • Weight : 150 | Solved : 287
    • Weight : 150 | Solved : 279
    • Weight : 200 | Solved : 291
    • Weight : 250 | Solved : 242

    • Instructions:

    • Uncompress the challenge (pass: cyberdefenders.org)

    Scenario

    The enterprise EDR alerted for possible exfiltration attempts originating from a developer RedHat Linux machine. A fellow SOC analyst captured a disk image for the suspected machine and sent it for you to analyze and identify the attacker's footprints.


    Tools

    Sign in to Download challenge

    Need Help?

    Join our Discord server, connect with fellow defenders, and get help while solving challenges.
    • SHA1SUM:
      1f190082a122f74baa19f1b8189bbb0172301c66
    • Password:
      cyberdefenders.org
    • Size:
      3.3 GB
    • Published:
      Nov. 2, 2021, midnight
    First blood

    Nisarg

    580 days ago

    Last solve

    ozer0x777

    6 days ago

    Authors

    CyberDefenders