Forum Discussion

Bronze III

6 months ago

Solved

Threat Hunting: Investigating a Fake PoC Q9

I am having issues trying to solve this last question. After running some obfuscated Powershell commands, the program outputs either a success or a failure message. What command is executed that set...

immersive labs

netcat
6 months ago
Assuming you solved the previous questions, found the main function:
Locate the row with "text = foo.bar()" and enter "foo.bar()". Too easy.

retornet

Bronze III

6 months ago

Wow I missed that. Thank you netcat for the help

Forum Discussion

Threat Hunting: Investigating a Fake PoC Q9

Featured Places

Help & Support Forum

Related Content

Help needed for Threat Hunting: Mining Behaviour

FIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs

Threat Hunting Mining Behaviour - Question 1

APT29 Threat Hunting with Splunk: Ep.4 – Clean-up & Reconnaissance

Help needed for Threat Hunting - Credential Access

Recent Discussions

Microsoft Sentinel: SOAR Demonstrate your skills

Modern Encryption: Demonstrate Your Skills

"You are not licensed to view this lab"

Elastic Data Ingest: Ep.6 – Winlogbeat

Lab 9: Macro Polo