Hello Everyone, we are about to join in ranks to battle the SANS Holiday Hack Challenge tasks again, today on dedicated Discord server. Please use the Meetup page for more details, ongoing announcements.
This post will summaries last Meetup progress and provides clues for further steps.
Let’s start we the recap. We started with:
Followed shortly by:
On the 23rd of January Meetup we have completed following tasks:
- Objective 1 – Uncover Santa’s Gift List – clues in blog post video above
- Objective 2a – Kringle Kiosk – clues in blog post video above
- Objective 2b – S3 bucket – clues give at a Discord were: update the wordlist and add the searched bucket name, use ‘cat’ command to inspect the bucket. Copy and inspect in CyberChef the file. Start unpacking and remember to pipe the output whenever needed.
- Objective 3a – Linux Primer – no clues were needed 🙂
- Objective 3b – Point-of-Sale Password Recovery – clues give at a Discord were: download the package, no need to install the shop. Unpack the exe file, and poke around until you find app.asar and use 7zip to open Asar file.
Later today, 5-7pm GMT we will be focusing on following tasks:
- all unfinished past tasks
- Objective 4a – Unescape Tmux – no help needed
- Objective 4b – Santavator operations – no help needed
- Objective 5a – Speaker UNPrep – first clue: ‘strings door’ with some filters, more clues @Discord
- Objective 5b – 5b: 33 Gkbps – no help needed
- Objective 5c – Open the HID lock in the Workshop – no help needed
- Objective 6a – Regex Toy Sorting – we will battle it together @Discord
- Objective 6b – Splunk Challenge – clue: look for Bro.
See you later at Discord.