Hackthebox Sherlocks Compromised
Author: Nightsedge
Copyright Notice: All articles on this blog are licensed under CC BY-NC-SA 4.0 unless otherwise stated.
Contents
- 1. Hackthebox Sherlocks - Compromised
- 2. Tasks
- 2.1. Task 1: What is the IP address used for initial access?
- 2.2. Task 2: What is the SHA256 hash of the malware?
- 2.3. Task 3: What is the Family label of the malware?
- 2.4. Task 4: When was the malware first seen in the wild (UTC)?
- 2.5. Task 5: The malware used HTTPS traffic with a self-signed certificate. What are the ports, from smallest to largest?
- 2.6. Task 6: What is the id-at-localityName of the self-signed certificate associated with the first malicious IP?
- 2.7. Task 6: What is the notBefore time(UTC) for this self-signed certificate?
- 2.8. Task 7: What was the domain used for tunneling?