Just a quick little post, mainly to myself, but I wanted to drop some malicious office analysis walkthroughs (and tool links) here just so I can come back to them later. I got pretty involved in a Malware Analysis class in college and ended up liking it a lot, so I hope to post some walkthroughs here myself!
OverTheWire is a community-run wargame site that helps users practise and learn the major concepts behind different security scenarios through games. Currently they offer 17 in total; whether a given one is up or down depends on the day (they are almost always up, though, the developers are very reliable).
Bandit is the first game they recommend people play, just to gauge where you’re at and help you relearn some of those Linux skills. Let’s start with Level 0 –> Level 1.
Level 0 —> Level 1
Really not too bad at all. The goal of this level is just to get you onto the first server and have you prepped for level one. In level one you’ll be looking for a file stored in the home directory; it contains a password. Helpful reading:
And with a few quick commands, we’ve grabbed it! Now ssh into the next level using the long password string that the “readme” file gave you.
Level 1 —> Level 2
At this point I’m going to stop posting screenshots of me ssh’ing in, because I don’t want to annoy you. In this level you will need to open a file named “-“. When in doubt about a filename, use your slash: give the file a path such as ./- so that tools stop treating the bare “-” as an option or as standard input.
And there ya have it!
Level 2 —> Level 3
Here they want you to open a file with spaces in its name. Not too rough, but the uninformed might have to read up on the resources provided on the site to further familiarise themselves with Bash scripting.
Level 3 —> Level 4
The file you are looking for in this level is a hidden file in the inhere directory. Make sure, as you go through these levels, that you also take a look at each command’s help page so that you can learn more about its modifiers.
For example, here the command “ls --help” will bring up information regarding the “ls” command. You can use it to read about the modifier that was used in this level.
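Since the screenshots for levels 1 to 3 are not reproduced above, here is an added example (my own, not from the original post or from OverTheWire) that rebuilds the three filename traps in a throwaway directory with made-up file names and placeholder contents. The file named “-”, the file with spaces in its name, the inhere directory and the .hidden file are all constructed stand-ins for the real level files:

```bash
#!/bin/sh
# Constructed sandbox mimicking the Bandit level 1-3 home directories.
# File names and contents are placeholders, not the real OverTheWire files.
SANDBOX=$(mktemp -d)
trap 'rm -rf "$SANDBOX"' EXIT

setup_sandbox() {
    # Level 1: a file literally named "-"
    printf 'placeholder-level1\n' > "$SANDBOX/-"
    # Level 2: a file whose name contains spaces
    printf 'placeholder-level2\n' > "$SANDBOX/spaces in this filename"
    # Level 3: a dot-file, which a plain "ls" does not show, inside "inhere"
    mkdir -p "$SANDBOX/inhere"
    printf 'placeholder-level3\n' > "$SANDBOX/inhere/.hidden"
}

# The trap in level 1: to cat (and most tools) a bare "-" means "read
# standard input", so with nothing on stdin you get nothing back.
# Returns the number of bytes that "cat -" produced.
dash_without_path_bytes() {
    ( cd "$SANDBOX" && cat - < /dev/null | wc -c | tr -d ' ' )
}

# Giving the file a path ("./-") turns it into an ordinary file argument.
read_dash_file() {
    ( cd "$SANDBOX" && cat ./- )
}

# Level 2: quoting keeps the whole name as one argument; unquoted, the
# shell would split it into four separate (non-existent) file names.
read_spaces_file() {
    ( cd "$SANDBOX" && cat "spaces in this filename" )
}

# Level 3: "ls -a" lists dot-files as well ("ls" alone shows nothing here).
list_hidden() {
    ( cd "$SANDBOX/inhere" && ls -a )
}

read_hidden_file() {
    ( cd "$SANDBOX/inhere" && cat .hidden )
}

setup_sandbox
echo "level 1, 'cat -' bytes read: $(dash_without_path_bytes)"
echo "level 1, 'cat ./-':          $(read_dash_file)"
echo "level 2:                     $(read_spaces_file)"
echo "level 3, ls -a:              $(list_hidden | tr '\n' ' ')"
echo "level 3:                     $(read_hidden_file)"
```

The same three ideas (a path prefix, quoting, and the -a flag) are what the real levels test; only the file contents differ.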
Level 4 —> Level 5
For this level, you’ll need to find the only human-readable file in the inhere directory. Here, you might want to look up and learn more about search terms and commands, like “find”. It’ll come in handy later.
Level 5 —> Level 6
Your target file is located in the inhere directory, and is human-readable, 1033 bytes in size, and is not executable. If you looked into the find command for the last one, you’ll really want to use that knowledge here!
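Levels 4 and 5 are both about letting find do the filtering, so here is one added example (mine, not from the original post or OverTheWire) covering both. It builds a constructed inhere tree with made-up file names: for level 4, a few “-file” entries of which only one is text; for level 5, nested maybehere directories where only one file is text, exactly 1033 bytes and not executable. The is_text helper is a stand-in for the “ASCII text” verdict of the file command, and the -executable test assumes GNU find, which is what the Bandit servers run:

```bash
#!/bin/sh
# Constructed stand-in for the Bandit level 4 and 5 "inhere" directories.
# File names and contents are made up, not the real OverTheWire files.
SANDBOX=$(mktemp -d)
trap 'rm -rf "$SANDBOX"' EXIT

# Write a text file of exactly $2 bytes: ($2 - 1) letters plus a newline.
make_text_file() {
    awk -v n="$2" 'BEGIN { for (i = 1; i < n; i++) printf "a"; printf "\n" }' > "$1"
}

# Write $2 NUL bytes, which nobody would call human-readable.
make_binary_file() {
    head -c "$2" /dev/zero > "$1"
}

setup_sandbox() {
    # Level 4: names start with "-" (as on the real box); only -file07 is text.
    mkdir -p "$SANDBOX/level4/inhere"
    make_binary_file "$SANDBOX/level4/inhere/-file00" 33
    printf '\200\377\001\n' > "$SANDBOX/level4/inhere/-file01"
    make_text_file "$SANDBOX/level4/inhere/-file07" 33
    # Level 5: nested directories; only .file1 meets all three criteria.
    mkdir -p "$SANDBOX/level5/inhere/maybehere00" "$SANDBOX/level5/inhere/maybehere01"
    make_text_file   "$SANDBOX/level5/inhere/maybehere00/.file1" 1033   # target
    make_text_file   "$SANDBOX/level5/inhere/maybehere00/file2"  1033   # executable
    chmod u+x        "$SANDBOX/level5/inhere/maybehere00/file2"
    make_binary_file "$SANDBOX/level5/inhere/maybehere01/file3"  1033   # not text
    make_text_file   "$SANDBOX/level5/inhere/maybehere01/file4"  500    # wrong size
}

# True when the file holds only printable ASCII and whitespace. This stands in
# for file(1)'s "ASCII text"; LC_ALL=C keeps tr and its classes byte-oriented.
is_text() {
    [ "$(LC_ALL=C tr -d '[:print:][:space:]' < "$1" | wc -c | tr -d ' ')" = "0" ]
}

# Level 4: walk every regular file and keep the human-readable ones.
# (On the real box "file ./*" answers this; "./" stops the leading "-" in
# the names from being parsed as options.)
find_level4() {
    ( cd "$SANDBOX/level4/inhere" && find . -type f | while read -r f; do
          is_text "$f" && printf '%s\n' "$f" || :
      done; : )
}

# Level 5: "-size 1033c" is a size in bytes and "! -executable" drops files
# with an execute bit (GNU find); the readability check runs on what is left.
find_level5() {
    ( cd "$SANDBOX/level5/inhere" \
        && find . -type f -size 1033c ! -executable | while read -r f; do
               is_text "$f" && printf '%s\n' "$f" || :
           done; : )
}

setup_sandbox
echo "level 4 candidate(s): $(find_level4)"
echo "level 5 candidate(s): $(find_level5)"
```

Run it as a script; each function prints only the matching relative paths, so on the real levels the same shape of command leaves you with a single file to cat.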
Well, that’s it for now! If you have any questions or critiques, feel free to shoot me over a form via the Contact Me page. If you’d like to read more about the topics discussed above, here are a few links: