In this hands-on lab, you will dive into a real-world scenario where a Linux server has been breached. The attacker exploited various misconfigurations to gain unauthorized access and deployed malware on the system. Your task is to investigate the breach, identify the misconfigurations, and analyze the deployed malware to understand the attacker’s actions and objectives.
- Initial Compromise: Discover how the attacker initially compromised the server through misconfigurations.
- Privilege Escalation: Identify the techniques used by the attacker to escalate privileges on the Linux system.
- Malware Analysis: Examine how the malware was deployed by the attacker on the system.
- Log Analysis: Analyze system logs to trace the attacker’s actions and timeline.
- Remediation: Learn best practices to secure the system and prevent similar breaches in the future.
You will get access to all the evidence collected from the breached server.
Password: threatbreach.io
| Evidence | SHA256 |
|---|---|
| ThreatBreach-ALS.img.gz | 700b0a8438f23f65dae47ca3b5df4d705a01bb33a24b2bbfbe9f51ec0a50da6c |
| ThreatBreach-ALS.pcap | 702c18177a2b206addf2ef563d9265842c92c45e08387fc832cdbb4b5c283ddc |
| ThreatBreach-ALS-Logs.gz | e8fe68744af5cdda4ffdf5050440e11cf6f2ae38c1aa505a7e59a84784f43a5a |
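Before opening any of the evidence, verify that each download matches the SHA256 listed above, so a corrupted or tampered image is caught before it shapes the investigation. The script below is an added example, not part of the lab's own material; it assumes the three files are saved under their listed names in one directory (the path is passed as the first argument).

```python
import hashlib
import sys
from pathlib import Path

# Expected SHA256 digests for the evidence files, as listed on the lab page.
EXPECTED_SHA256 = {
    "ThreatBreach-ALS.img.gz": "700b0a8438f23f65dae47ca3b5df4d705a01bb33a24b2bbfbe9f51ec0a50da6c",
    "ThreatBreach-ALS.pcap": "702c18177a2b206addf2ef563d9265842c92c45e08387fc832cdbb4b5c283ddc",
    "ThreatBreach-ALS-Logs.gz": "e8fe68744af5cdda4ffdf5050440e11cf6f2ae38c1aa505a7e59a84784f43a5a",
}


def sha256_of_file(path, chunk_size=1 << 20):
    """Hash a file in 1 MiB chunks so multi-GB disk images do not need to fit in RAM."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_evidence(directory, expected=EXPECTED_SHA256):
    """Return {filename: 'ok' | 'mismatch' | 'missing'} for every expected file."""
    results = {}
    for name, want in expected.items():
        path = Path(directory) / name
        if not path.is_file():
            results[name] = "missing"
            continue
        got = sha256_of_file(path)
        results[name] = "ok" if got.lower() == want.lower() else "mismatch"
    return results


if __name__ == "__main__":
    evidence_dir = sys.argv[1] if len(sys.argv) > 1 else "."
    results = verify_evidence(evidence_dir)
    for name, status in results.items():
        print(f"{status:8} {name}")
    # Non-zero exit if anything is missing or altered, so this can gate a pipeline.
    sys.exit(0 if all(s == "ok" for s in results.values()) else 1)
```

Work from a copy of the evidence and record the verified hashes in your case notes; the same function can be re-run at the end of the analysis to show the originals were never modified.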
A writeup will be published soon. If you want your own writeup to be evaluated, send it to labs[@]threatbreach.io.