登录查看更多内容

Advent of Cyber 2024 [ Day 3 ] Writeup | TryHackMe Walkthrough

Karthikeyan Nagaraj

Penetration Tester | Secured NASA, Oxford, Drexel, and 15+ Government Organisations | Co-Lead Defcon Local Chapter | Speaker

发布日期: 2024年12月3日

+ 关注

Task 9: Log analysis Day 3: Even if I wanted to go, their vulnerabilities wouldn’t allow it.

1. BLUE: Where was the web shell uploaded to?

Answer format: /directory/directory/directory/filename.php

Open Elastic Page Using the Given Url
Click On the vertical nav bar on the Left side, click Discover, and select Frostypines if not selected.
Set the Time Oct 1 00:00 to Oct 3 20:00
You can Add a field called requests to find the malicious path

Read Further on Medium...

要查看或添加评论，请登录

Karthikeyan Nagaraj的更多文章

$35,000 Bounty: How Inappropriate Access Control Led to GitLab Account Takeover

2025年3月2日

$35,000 Bounty: How Inappropriate Access Control Led to GitLab Account Takeover

Introduction In cybersecurity, vulnerabilities can arise from the most unexpected defects. A recent account takeover…
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeover

2025年2月25日

$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeover

Introduction: The Risk of Leaked Session Cookies Session cookies play a critical role in user authentication, allowing…
25000$ IDOR: How a Simple ID Enumeration Exposed Private Data

2025年2月22日

25000$ IDOR: How a Simple ID Enumeration Exposed Private Data

Timeline June 28, 2022: A security researcher submits a report detailing a critical GraphQL vulnerability. June 29…
$25,000 Bug Bounty for a GraphQL Security Flaw!

2025年2月20日

$25,000 Bug Bounty for a GraphQL Security Flaw!

A security researcher recently uncovered a critical GraphQL vulnerability that exposed private bug bounty program…
Advent of Cyber 2024 [ Day 7 ] Writeup with Answers | TryHackMe Walkthrough

2024年12月7日

Advent of Cyber 2024 [ Day 7 ] Writeup with Answers | TryHackMe Walkthrough

Welcome to TryHackme — Advent of Cyber 2024 What is JQ? Earlier, it was mentioned that Cloudtrail logs were…
Advent of Cyber 2024 [ Day 4] Writeup with Answers | TryHackMe Walkthrough

2024年12月4日

Advent of Cyber 2024 [ Day 4] Writeup with Answers | TryHackMe Walkthrough

Task 10 — Atomic Red Team Day 4: I’m all atomic inside! Make sure to study the Guides and Instructions and Understand…
Advent of Cyber 2024 [ Day 2] Writeup with Answers | TryHackMe Walkthrough

2024年12月2日

Advent of Cyber 2024 [ Day 2] Writeup with Answers | TryHackMe Walkthrough

Welcome to TryHackme — Advent of Cyber 2024 Event Link: https://tryhackme.com More log-on attempts? Could this be a…

1 条评论
Advent of Cyber 2024 [ Day 1 ] Writeup with Answers | TryHackMe Walkthrough

2024年12月1日

Advent of Cyber 2024 [ Day 1 ] Writeup with Answers | TryHackMe Walkthrough

In this year’s Advent of Cyber, can you help McSkidy and the Glitch defend SOC-mas against the evil Mayor Malware’s…

See all articles

Advent of Cyber 2024 [ Day 3 ] Writeup | TryHackMe Walkthrough

Karthikeyan Nagaraj

Penetration Tester | Secured NASA, Oxford, Drexel, and 15+ Government Organisations | Co-Lead Defcon Local Chapter | Speaker

Task 9: Log analysis Day 3: Even if I wanted to go, their vulnerabilities wouldn’t allow it.

1. BLUE: Where was the web shell uploaded to?

Karthikeyan Nagaraj的更多文章

社区洞察

其他会员也浏览了

Week 16 of 2024

Week 15 of 2024

Week 8 of 2024

What Questions About the Dark Web Can We Answer for You?

Next BHIS Webcast -- Attack Tactics 8 - Poison the Well w/ Jordan Drysdale & David Fletcher

Cyber Labs Resources (Free)

Blue Team CTF: Warzone 1

KRACK - A Critical WPA-2 Flaw

Hack the Basic Pentesting:2 VM (CTF Challenge)

PugRecon - Subdomain Finder Tool

Task 9: Log analysis Day 3: Even if I wanted to go, their vulnerabilities wouldn’t allow it.

1. BLUE: Where was the web shell uploaded to?

Karthikeyan Nagaraj的更多文章

$35,000 Bounty: How Inappropriate Access Control Led to GitLab Account Takeover

$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeover

25000$ IDOR: How a Simple ID Enumeration Exposed Private Data

$25,000 Bug Bounty for a GraphQL Security Flaw!

Advent of Cyber 2024 [ Day 7 ] Writeup with Answers | TryHackMe Walkthrough

Advent of Cyber 2024 [ Day 4] Writeup with Answers | TryHackMe Walkthrough

Advent of Cyber 2024 [ Day 2] Writeup with Answers | TryHackMe Walkthrough

Advent of Cyber 2024 [ Day 1 ] Writeup with Answers | TryHackMe Walkthrough

社区洞察

其他会员也浏览了

Week 16 of 2024

Week 15 of 2024

Week 8 of 2024

What Questions About the Dark Web Can We Answer for You?

Next BHIS Webcast -- Attack Tactics 8 - Poison the Well w/ Jordan Drysdale & David Fletcher

Cyber Labs Resources (Free)

Blue Team CTF: Warzone 1

KRACK - A Critical WPA-2 Flaw

Hack the Basic Pentesting:2 VM (CTF Challenge)

PugRecon - Subdomain Finder Tool