TryHackMe! Investigating a Hacked Windows Machine

Подписаться 2,6 тыс.

Просмотров 1,9 тыс.

50% 1

Video walkthrough for the TryHackMe Investigating Windows challenge!
Blog Walkthrough: jasonturley.xy...
TryHackMe Investigating Windows: tryhackme.com/...
Help support the channel with a like, comment & subscribe!
====Links====
🤖Discord: / discord
💻Blog: jasonturley.xy...
🐔Twitter: / _jasonturley
🐙GitHub: github.com/Jas...
🔗LinkedIn: / jasonturley
====Support====
☕BuyMeACoffee: www.buymeacoff...
💖Donate Crypto: jasonturley.xy...
🐳DigitalOcean: m.do.co/c/f2f4... ← receive $100 in credits
====Study Notes====
eJPT certification cheat sheet: github.com/Jas...
GXPN/SANS SEC660 course review: jasonturley.xy...
====Music====
“Easy Hike” by Yari

Опубликовано:

13 окт 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 7

@WhatsTruckin 6 дней назад

if you don't know the net cast file to be malicious/suspicious how would you go about finding it?

@KelleeWatson-e4v Месяц назад

I found it but how di you know to even search for nc.ps1 file?

@jasonturley Месяц назад

In the video I saw the command prompt pop up with the file path of C:\TMP, which is not a normal folder. So I decided to look inside the folder and discovered that there are some sus executables in there. The question asks for the name of the file that runs daily, so we know we’d have to look at the scheduled tasks on the system. In real life, it’s beneficial to have a baseline of what’s normal on a windows or linux environment. That way you can quickly spot when something looks out of place. It is a skill that comes with time. I used to practice by looking at the process list, Netstat output and folders on my own laptop

@KelleeWatson-e4v Месяц назад

when trying to find the nc ps 1 file im not finding it. anyadvice?

@jasonturley 10 дней назад

dir /b /s C:\