To access material, start machines and answer questions login.
We believe these employees used the credentials they were given in order to access some of the many private files from our server, but we need concrete proof.
The junior system administrator only has a small network capture of the incident and a memory dump of the Local Security Authority Subsystem Service process.
Fortunately, for your company, that is all you need.
Extract the zip file's contents and recover the information in order to answer the questions.
Note: For free users using the AttackBox, the challenge is best done using your own environment. Some browsers may detect the file as malicious. The zip file is safe to download with md5 of 286c133a1b67c068f86cef06785e104d. In general, as a security practice, download the zip and analyze the forensic files on a dedicated virtual machine, and not on your host OS.
What is the password of the user in question 1?
What is the hash of the user in question 4?
What is the flag that the second user got access to?
Created by
Room Type
Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!
Users in Room
4,074
Created
372 days ago
Ready to learn Cyber Security? Create your free account today!
TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.
Already have an account? Log in