CHdezFdez es

Level 1: File Server, 1,350 / 1,350 (100%)
100% complete
Level 2: Admin PC, 2,500 / 2,500 (100%)
100% complete
Level 3: Web Server, 3,750 / 3,750 (100%)
100% complete
Total: 7,600 / 7,600 (100%)

Solved challenges

Challenge Solved Points
5.How many accounts have successfully logged in on the last month? (Level 1: File Server) #5, 4 years, 7 months after release (2024-06-15 12:48:58) 100
6. How many times the attackers connected to this server? (Level 3: Web Server) #4, 4 years, 7 months after release (2024-06-15 12:33:23) 375
7. How many times the attackers connected to ADMINPC1 computer? (Level 3: Web Server) #4, 4 years, 7 months after release (2024-06-15 12:31:15) 400
9. How many computers has accessed salvador.bendito through RDP? (Level 2: Admin PC) #4, 4 years, 7 months after release (2024-06-15 12:30:40) 300
10. The EHP database is encrypted using an AES 4096 bits key. Taking account of all the evidences you've got through the case ... Do you believe the EHP spanish candidates data is safe? (Level 3: Web Server) #4, 4 years, 7 months after release (2024-06-15 12:24:20) 425
12. How many items (at most) where copied in order to be exfiltrated? (Level 1: File Server) Third to solve this challenge! 4 years, 7 months after release (2024-06-15 12:22:43) 175
9. Would you be able to identify the exact name of the malware on the previous question? (Level 3: Web Server) #4, 4 years, 7 months after release (2024-06-15 12:20:24) 425
8. This computer is a webserver (hence, a juicy target). The attackers have left an extra backdoor. Locate it. (Level 3: Web Server) #5, 4 years, 7 months after release (2024-06-15 12:20:04) 400
5. What is the real name of this executable? (Level 3: Web Server) #5, 4 years, 7 months after release (2024-06-15 12:18:15) 375
4. The attackers have dropped an executable on a system folder. What's its name? (Level 3: Web Server) #5, 4 years, 7 months after release (2024-06-15 12:11:10) 350
3. What exploit would you bet that has been used to access the server? (Level 3: Web Server) #5, 4 years, 7 months after release (2024-06-15 11:52:59) 350
2.Which user first connected successfully to the server? (Level 3: Web Server) #5, 4 years, 7 months after release (2024-06-15 11:47:59) 325
1. When was the server rebooted on 03/Nov/2019? Name the system start time. (Level 3: Web Server) Third to solve this challenge! 4 years, 7 months after release (2024-06-15 11:46:56) 325
8. There has been a recon action on this computer. When did this recon started? (Level 2: Admin PC) #6, 4 years, 7 months after release (2024-06-15 10:55:19) 275
10. Which IP has connected to this computer using RDP? (Level 2: Admin PC) #6, 4 years, 7 months after release (2024-06-15 10:34:28) 300
7. Could you find the name of a program that can help exonerate Salvador? (Level 2: Admin PC) #6, 4 years, 7 months after release (2024-06-15 10:32:53) 275
6. When was the service used by the exfiltration software installed? (Level 2: Admin PC) #6, 4 years, 7 months after release (2024-06-15 10:08:34) 250
5.When was the last file successfully exfiltrated? (Level 2: Admin PC) #5, 4 years, 7 months after release (2024-06-15 10:06:08) 250
4. To which remote computer was the data exfiltrated to? (Level 2: Admin PC) #5, 4 years, 7 months after release (2024-06-15 09:53:29) 225
3. Which program has transmitted most data on 05/Nov/2019 ? (Level 2: Admin PC) #6, 4 years, 7 months after release (2024-06-14 09:07:27) 225
2.Which song is going to be used for the EHP project? (Level 2: Admin PC) #5, 4 years, 7 months after release (2024-06-14 08:42:22) 200
1.Where in the system is hidden the folder "Secreto" (Secret) (Level 2: Admin PC) #7, 4 years, 7 months after release (2024-06-14 08:38:42) 200
11.Which executable do you think was used to exfiltrate data (Level 1: File Server) #7, 4 years, 7 months after release (2024-06-14 07:51:16) 175
10. Which registry key is the responsible for the non-matching timestamps in the previous challenge? (Level 1: File Server) #8, 4 years, 7 months after release (2024-06-14 07:29:01) 150
9. According to MFT, which time was last accessed the file README.txt.txt? And what time was REALLY opened this file with notepad.exe (Level 1: File Server) #8, 4 years, 7 months after release (2024-06-13 19:22:50) 150
8. Which user tried to mount \\*\C$ (Level 1: File Server) #9, 4 years, 7 months after release (2024-06-13 19:10:18) 125
6. Which users have connected (using any kind of protocol) to the system in last month? (Level 1: File Server) #8, 4 years, 7 months after release (2024-06-13 19:05:19) 100
7. Which user was online when the file lista_candidatos.xlsx was modified the last time? (Level 1: File Server) #6, 4 years, 7 months after release (2024-06-13 18:43:24) 125
4.EHP Project has a candidate list (the shortlist that was leaked). When was this list last accessed? (Level 1: File Server) #10, 4 years, 7 months after release (2024-06-13 18:36:50) 75
3.The EHP database is encrypted using PGP. What's the database name? (Level 1: File Server) #11, 4 years, 7 months after release (2024-06-13 18:33:07) 75
2.How many subfolders are in this shared folder (Level 1: File Server) #11, 4 years, 7 months after release (2024-06-13 18:26:01) 50
1.CHITONSRV has a shared folder. What's its name? (Level 1: File Server) #15, 4 years, 7 months after release (2024-06-13 18:13:08) 50