Easy Linux box: exploiting IKE Aggressive Mode to capture and crack a VPN PSK hash, then abusing a sudo CVE for root.
Analyzing an SMTP PCAP to identify leaked credentials, decode the Base64-encoded authentication data, extract and reconstruct an email attachment from the network traffic, and verify file integrity through hashing.
Analyzing raw Apache access logs with Bash tools to identify Nikto reconnaissance, forced browsing, a successful login brute-force attack, and command injection leading to account creation on the target system.
Analyzing a PCAP file to identify HTTP GET requests, enumerate server and client details from HTTP headers, and decode HTTP Basic Authentication credentials using Wireshark and CyberChef.
Analyzing Shellshock attack activity in a PCAP file using Wireshark, identifying the target server details and the injected command.
Analyzing port scan activity in a PCAP file using Wireshark, identifying the scanning host, discovered systems, and network indicators.
Analyzing a malicious Word document using VirusTotal to identify RTF exploit behavior, CVE-2017-11882 abuse, payload delivery, and network communication.
Analyzing a malicious XLS file using VirusTotal to identify detection signatures, dropped files, spyware download URLs, and file intelligence indicators.
Analyzing a malicious VBA macro document, decoding obfuscated hex strings, identifying payload delivery, and investigating HTTP communication and WMI execution techniques.
Demonstrating Zip Slip exploitation, Jinja2 SSTI abuse, and Flask-based web application compromise within a Docker environment.
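The SMTP and HTTP write-ups above both come down to the same step: pulling Base64-encoded credentials out of a reassembled TCP stream. The following Python is an added example (not code from any of the write-ups) that does that for SMTP AUTH LOGIN, SMTP AUTH PLAIN and HTTP Basic Authentication. The sessions it parses are constructed inline to look like Wireshark "Follow TCP Stream" output; the hostnames, usernames and passwords in them are made up.

```python
import base64
import re

# Constructed sample streams (not the write-ups' captures). Each is what a
# reassembled TCP stream looks like after "Follow TCP Stream" in Wireshark.
SMTP_LOGIN_SESSION = (
    "220 mail.example.test ESMTP ready\r\n"
    "EHLO workstation\r\n"
    "250-mail.example.test\r\n"
    "250 AUTH LOGIN PLAIN\r\n"
    "AUTH LOGIN\r\n"
    "334 VXNlcm5hbWU6\r\n"      # server prompt: base64("Username:")
    "YWxpY2U=\r\n"              # client reply:  base64("alice")
    "334 UGFzc3dvcmQ6\r\n"      # server prompt: base64("Password:")
    "UzNjcjN0UGFzcw==\r\n"      # client reply:  base64("S3cr3tPass")
    "235 2.7.0 Authentication successful\r\n"
)

# AUTH PLAIN sends base64(authzid NUL authcid NUL password) in one token.
SMTP_PLAIN_SESSION = (
    "AUTH PLAIN AGJvYgBodW50ZXIy\r\n"   # base64("\x00bob\x00hunter2")
    "235 2.7.0 Authentication successful\r\n"
)

HTTP_REQUEST = (
    "GET /admin/ HTTP/1.1\r\n"
    "Host: intranet.example.test\r\n"
    "Authorization: Basic YWRtaW46cGFzc3dvcmQ=\r\n"   # base64("admin:password")
    "User-Agent: curl/8.4.0\r\n"
    "\r\n"
)

AUTH_CMD = re.compile(r"^AUTH\s+(LOGIN|PLAIN)(?:\s+(\S+))?\s*$", re.IGNORECASE)
SERVER_REPLY = re.compile(r"^\d{3}[ -]")           # any "NNN " / "NNN-" server line
AUTH_END = re.compile(r"^(235|5\d\d)[ -]")         # 235 = success, 5xx = failure
BASIC_HDR = re.compile(r"^Authorization:\s*Basic\s+([A-Za-z0-9+/=]+)\s*$",
                       re.IGNORECASE | re.MULTILINE)


def _b64(token):
    """Strictly decode one base64 token; return None on garbage instead of raising."""
    try:
        return base64.b64decode(token.strip(), validate=True).decode("utf-8", "replace")
    except ValueError:          # binascii.Error is a ValueError subclass
        return None


def decode_smtp_auth(stream):
    """Walk an SMTP stream and recover every AUTH LOGIN / AUTH PLAIN exchange."""
    lines = [l for l in stream.replace("\r\n", "\n").split("\n") if l.strip()]
    creds, i = [], 0
    while i < len(lines):
        m = AUTH_CMD.match(lines[i])
        if not m:
            i += 1
            continue
        mech = m.group(1).upper()
        responses = [m.group(2)] if m.group(2) else []   # optional initial response
        i += 1
        # Everything the client sends until the server's final reply belongs to this AUTH.
        while i < len(lines) and not AUTH_END.match(lines[i]):
            if not SERVER_REPLY.match(lines[i]):
                responses.append(lines[i])
            i += 1
        success = i < len(lines) and lines[i].startswith("235")
        user = pw = None
        if mech == "LOGIN" and len(responses) >= 2:
            user, pw = _b64(responses[0]), _b64(responses[1])
        elif mech == "PLAIN" and responses:
            parts = (_b64(responses[0]) or "").split("\x00")
            if len(parts) == 3:
                user, pw = parts[1], parts[2]   # parts[0] is the (usually empty) authzid
        creds.append({"mechanism": mech, "username": user, "password": pw, "success": success})
        i += 1
    return creds


def decode_basic_auth(http_text):
    """Return (username, password) pairs from every HTTP Basic Authorization header."""
    pairs = []
    for m in BASIC_HDR.finditer(http_text):
        decoded = _b64(m.group(1))
        if decoded and ":" in decoded:
            user, _, pw = decoded.partition(":")   # password may itself contain ':'
            pairs.append((user, pw))
    return pairs


if __name__ == "__main__":
    for session in (SMTP_LOGIN_SESSION, SMTP_PLAIN_SESSION):
        print(decode_smtp_auth(session))
    print(decode_basic_auth(HTTP_REQUEST))
```

The strict `validate=True` decode matters in practice: a stream line that merely looks like Base64 (a mail boundary, a hostname) would otherwise decode to binary noise and be reported as a credential.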
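The Apache log write-up above chains four findings (scanner user-agent, forced browsing, login brute force, command injection that creates an account). The write-up uses Bash tools; the script below is an added Python example, not the write-up's own commands, that applies the same four checks to a constructed set of combined-format log lines. The IPs, paths and user-agents are made up, and the brute-force rule assumes an application that redirects (302) on successful login and re-renders the form (200) on failure.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed Apache "combined" log lines (not the write-up's data).
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 1234 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000001)"
10.0.0.5 - - [12/Mar/2024:10:00:02 +0000] "GET /admin/ HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000002)"
10.0.0.5 - - [12/Mar/2024:10:00:02 +0000] "GET /backup/ HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000003)"
10.0.0.5 - - [12/Mar/2024:10:00:03 +0000] "GET /config.php HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000004)"
10.0.0.5 - - [12/Mar/2024:10:00:03 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000005)"
10.0.0.5 - - [12/Mar/2024:10:00:04 +0000] "GET /.git/HEAD HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000006)"
192.168.1.20 - - [12/Mar/2024:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"
10.0.0.9 - - [12/Mar/2024:10:02:00 +0000] "POST /login HTTP/1.1" 200 845 "-" "python-requests/2.31"
10.0.0.9 - - [12/Mar/2024:10:02:00 +0000] "POST /login HTTP/1.1" 200 845 "-" "python-requests/2.31"
10.0.0.9 - - [12/Mar/2024:10:02:01 +0000] "POST /login HTTP/1.1" 200 845 "-" "python-requests/2.31"
10.0.0.9 - - [12/Mar/2024:10:02:01 +0000] "POST /login HTTP/1.1" 302 0 "-" "python-requests/2.31"
10.0.0.9 - - [12/Mar/2024:10:03:10 +0000] "GET /cgi-bin/ping.php?ip=127.0.0.1%3Buseradd+-m+backdoor HTTP/1.1" 200 312 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
SHELL_META = re.compile(r"[;|`]|\$\(|&&")                      # command separators
ACCOUNT_CMDS = re.compile(r"\b(useradd|adduser|usermod|net user)\b")


def parse_log(text):
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            e = m.groupdict()
            e["status"] = int(e["status"])
            entries.append(e)
    return entries


def find_scanners(entries):
    """IPs whose User-Agent names a known scanner (Nikto advertises itself by default)."""
    return sorted({e["ip"] for e in entries if "nikto" in e["ua"].lower()})


def find_forced_browsing(entries, min_404=5):
    """IPs that produced at least min_404 'Not Found' responses (directory guessing)."""
    hits = Counter(e["ip"] for e in entries if e["status"] == 404)
    return {ip: n for ip, n in hits.items() if n >= min_404}


def find_login_bruteforce(entries, login_path="/login", min_failures=3):
    """Flag a 302 to the login path that follows >= min_failures non-302 POSTs from one IP.
    Assumption: success redirects, failure re-renders the form with a 200."""
    failures, hits = Counter(), []
    for e in entries:
        if e["method"] != "POST" or e["path"].split("?")[0] != login_path:
            continue
        if e["status"] == 302:
            if failures[e["ip"]] >= min_failures:
                hits.append({"ip": e["ip"], "failures": failures[e["ip"]], "time": e["time"]})
            failures[e["ip"]] = 0
        else:
            failures[e["ip"]] += 1
    return hits


def find_command_injection(entries):
    """URL-decode each query string and flag shell metacharacters; note account commands."""
    findings = []
    for e in entries:
        decoded = unquote_plus(e["path"])           # %3B -> ';', '+' -> ' '
        if "?" not in decoded:
            continue
        query = decoded.split("?", 1)[1]
        if SHELL_META.search(query):
            cmd = ACCOUNT_CMDS.search(query)
            findings.append({"ip": e["ip"], "request": decoded,
                             "account_change": cmd.group(1) if cmd else None})
    return findings


if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    print("scanners:", find_scanners(log))
    print("forced browsing:", find_forced_browsing(log))
    print("brute force:", find_login_bruteforce(log))
    print("command injection:", find_command_injection(log))
```

Decoding the URL before pattern-matching is the step most often skipped: the `;` in the injected request is logged as `%3B`, so a grep for a literal semicolon on the raw file finds nothing.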