THM Target Practice Diary 36 - Advent of Cyber 2024: Day 4

1) What was the flag found in the .txt file that is found in the same directory as the PhishingAttachment.xslm artefact?
THM{GlitchTestingForSpearphishing}

2) What ATT&CK technique ID would be our point of interest?
Ans - T1059

3) What ATT&CK subtechnique ID focuses on the Windows Command Shell?
T1059.003

4) What is the name of the Atomic Test to be simulated?
Simulate BlackByte Ransomware Print Bombing

5) What is the name of the file used in the test?
Wareville_Ransomware.txt

6) What is the flag found from this Atomic Test?
THM{R2xpdGNoIGlzIG5vdCB0aGUgZW5lbXk=}

hydra -l admin -P /usr/share/wordlist/rockyou.txt -t 10 -vV -e ns -f papash3ll.thm http-get /login