Room Banner

Extracted

We need your help!

medium

90 min

Room progress ( 0% )

To access material, start machines and answer questions login.

Task 1Help

Working as a senior DFIR specialist brings a new surprise every day. Today, one of your junior colleagues raised an alarm that some suspicious traffic was generated from one of the workstations, but they couldn't figure out what was happening.

Unfortunately, there was an issue with the SIEM ingesting the network traffic, but luckily, the network capture device was still working. They asked if you could look to find out what happened since you are known as The Magician around these parts.

Note: For free users using the AttackBox, the challenge is best done using your own environment. Some browsers may detect the file as malicious. The zip file is safe to download with md5 of f9723177263da65ffdac74ffbf8d06a4. In general, as a security practice, download the zip and analyze the forensic files on a dedicated virtual machine, and not on your host OS.

Answer the questions below
What's the initial part of the password?

Find the missing character in the password.

What's the flag?

Created by

User avatar
tryhackme
User avatar
hadrian3689
User avatar
DrGonz0

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

3,587

Created

304 days ago

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information contact us.

Read more