helsinki es

Level 1: File Server, 1,175 / 1,350 (87%)
87.037037037037% complete
Level 2: Admin PC, 2,500 / 2,500 (100%)
100% complete
Level 3: Web Server, 3,000 / 3,750 (80%)
80% complete
Total: 6,675 / 7,600 (87.8%)

Solved challenges

Challenge Solved Points
9. Would you be able to identify the exact name of the malware on the previous question? (Level 3: Web Server) Third to solve this challenge! 4 years, 3 months after release (2024-02-27 13:29:34) 425
8. This computer is a webserver (hence, a juicy target). The attackers have left an extra backdoor. Locate it. (Level 3: Web Server) #4, 4 years, 3 months after release (2024-02-27 13:22:42) 400
5. What is the real name of this executable? (Level 3: Web Server) #4, 4 years, 3 months after release (2024-02-27 13:22:27) 375
7. How many times the attackers connected to ADMINPC1 computer? (Level 3: Web Server) Third to solve this challenge! 4 years, 3 months after release (2024-02-27 13:10:39) 400
6. How many times the attackers connected to this server? (Level 3: Web Server) Third to solve this challenge! 4 years, 3 months after release (2024-02-27 13:10:34) 375
4. The attackers have dropped an executable on a system folder. What's its name? (Level 3: Web Server) #4, 4 years, 3 months after release (2024-02-27 13:03:42) 350
3. What exploit would you bet that has been used to access the server? (Level 3: Web Server) #4, 4 years, 3 months after release (2024-02-27 12:57:03) 350
2.Which user first connected successfully to the server? (Level 3: Web Server) #4, 4 years, 3 months after release (2024-02-27 12:54:11) 325
9. How many computers has accessed salvador.bendito through RDP? (Level 2: Admin PC) Third to solve this challenge! 4 years, 3 months after release (2024-02-27 12:33:21) 300
7. Could you find the name of a program that can help exonerate Salvador? (Level 2: Admin PC) #5, 4 years, 3 months after release (2024-02-27 11:03:23) 275
10. Which IP has connected to this computer using RDP? (Level 2: Admin PC) #5, 4 years, 3 months after release (2024-02-27 10:58:41) 300
8. There has been a recon action on this computer. When did this recon started? (Level 2: Admin PC) #5, 4 years, 3 months after release (2024-02-26 11:35:48) 275
6. When was the service used by the exfiltration software installed? (Level 2: Admin PC) #5, 4 years, 3 months after release (2024-02-23 11:45:26) 250
5.When was the last file successfully exfiltrated? (Level 2: Admin PC) #4, 4 years, 3 months after release (2024-02-23 11:42:29) 250
4. To which remote computer was the data exfiltrated to? (Level 2: Admin PC) #4, 4 years, 3 months after release (2024-02-23 11:35:32) 225
3. Which program has transmitted most data on 05/Nov/2019 ? (Level 2: Admin PC) #5, 4 years, 3 months after release (2024-02-23 11:06:44) 225
2.Which song is going to be used for the EHP project? (Level 2: Admin PC) #4, 4 years, 3 months after release (2024-02-23 09:49:21) 200
1.Where in the system is hidden the folder "Secreto" (Secret) (Level 2: Admin PC) #6, 4 years, 3 months after release (2024-02-23 09:19:08) 200
10. Which registry key is the responsible for the non-matching timestamps in the previous challenge? (Level 1: File Server) #7, 4 years, 3 months after release (2024-02-22 11:32:52) 150
11.Which executable do you think was used to exfiltrate data (Level 1: File Server) #6, 4 years, 3 months after release (2024-02-22 11:14:31) 175
9. According to MFT, which time was last accessed the file README.txt.txt? And what time was REALLY opened this file with notepad.exe (Level 1: File Server) #7, 4 years, 3 months after release (2024-02-22 11:03:36) 150
4.EHP Project has a candidate list (the shortlist that was leaked). When was this list last accessed? (Level 1: File Server) #9, 4 years, 3 months after release (2024-02-22 10:12:19) 75
8. Which user tried to mount \\*\C$ (Level 1: File Server) #8, 4 years, 3 months after release (2024-02-22 10:06:38) 125
7. Which user was online when the file lista_candidatos.xlsx was modified the last time? (Level 1: File Server) #5, 4 years, 3 months after release (2024-02-22 10:06:17) 125
6. Which users have connected (using any kind of protocol) to the system in last month? (Level 1: File Server) #7, 4 years, 3 months after release (2024-02-22 10:05:36) 100
5.How many accounts have successfully logged in on the last month? (Level 1: File Server) #4, 4 years, 3 months after release (2024-02-22 10:04:41) 100
3.The EHP database is encrypted using PGP. What's the database name? (Level 1: File Server) #10, 4 years, 3 months after release (2024-02-22 09:30:06) 75
2.How many subfolders are in this shared folder (Level 1: File Server) #10, 4 years, 3 months after release (2024-02-22 09:28:07) 50
1.CHITONSRV has a shared folder. What's its name? (Level 1: File Server) #13, 4 years, 3 months after release (2024-02-22 09:05:43) 50