Forum Discussion

Bronze III

14 days ago

Solved

Malware Analysis: Tracking a LOLBins Campaign – Acquisition

Has anybody managed to get a token for the snort question on this lab? I've created a rule that searches for one of the GET requests given in the pcap file but snort isn't finding anything.

defensive cyber

RobN
10 days ago
Hi Tilly,
Thanks for the info - I completed this lab at the weekend. I'd been using the return key in my snort rules file and the lab wasn't parsing it correctly. I created the snort rule on one complete line and it created the token.txt file immediately.

TillyCorless
Community Manager
10 days ago
Hey RobN I can see that GusC has recently completed this lab... I wonder if they could offer any hints?
- RobN
  Bronze III
  10 days ago
  Hi Tilly,
  Thanks for the info - I completed this lab at the weekend. I'd been using the return key in my snort rules file and the lab wasn't parsing it correctly. I created the snort rule on one complete line and it created the token.txt file immediately.
  - TillyCorless
    Community Manager
    10 days ago
    Persistence is the 🔑
    Glad you managed to complete it. Your insights will be useful to other community members!

Forum Discussion

Malware Analysis: Tracking a LOLBins Campaign – Acquisition

Related Content

Malware Analysis: Tracking a LOLBins Campaign – Examination

Malicious Document Analysis: Dropper Analysis

Malware Analysis: Shlayer

Malicious Document Analysis: Dropper Analysis

Practical Malware Analysis: .NET Encryption and Encoding

Recent Discussions

Web Log Analysis: Ep.5 – Searching Web Server Logs using Linux CLI

Malware Analysis: Shlayer

Introduction to Detection Engineering: Ep.5 – Custom Alerting

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Course Secure Testing: XSS