: An attacker gained access to a server and established a way to maintain access. You are provided with a compressed archive of system files (often including /etc/, /var/log/, or specific configuration directories).
Step-by-Step Write-up
1. Extraction and Initial Analysis
The file is a password-protected archive associated with the "Persistence" challenge from the 2024 HTB (Hack The Box) Cyber Apocalypse CTF (Capture The Flag).
Challenge Overview
Category: Forensics / Incident Response
: Investigate a persistence mechanism on a compromised Linux system to retrieve a hidden flag.
: Copy the encoded string and decode it using a tool like CyberChef or the terminal: echo "ENCODED_STRING" | base64 -d
4. Retrieving the Flag
Decoding the payload reveals a script that communicates with a remote server or simply contains the flag in a mangled format.
In this specific challenge, the persistence is hidden within a .
: The decoded script prints or reconstructs the flag: HTBp3rs1st3nc3_1s_th3_k3y_to_succ3ss_... .
: A service file (often named something innocuous like persistence.service or backup.service) contains an ExecStart directive pointing to a suspicious script or command.
3. Decoding the Payload