Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber series hosted by TryHackMe. This is the third year of the Advent of Cyber, where a challenge is released every day leading up to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy, an elf trying to save Christmas.
In our ninth challenge, we’re presented with a scenario where McSkidy notices there’s a large amount of traffic entering one system on the network. We need to use our traffic analysis skills to determine what the Grinch is up to in his attempt to destroy Christmas.
For this challenge we’re going to use a program called Wireshark. Wireshark allows us to review live network traffic to get usernames, passwords, etc. You might be thinking: why can’t we just use the interception proxy that we used in a previous challenge? Interception proxies only work for web pages. Wireshark also works for services that are not web pages, such as a File Transfer Protocol (FTP) server, where we can upload files to a server, or a Domain Name Server (DNS), which translates between hostnames and IP addresses. This will be especially useful during the challenge.
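As an added illustration (not part of the original post or the TryHackMe challenge), the Python below shows what a packet capture exposes for the two non-web protocols mentioned above: the USER/PASS commands of an unencrypted FTP login and the hostname inside a DNS query. The payload bytes, username, password, file name and hostname are constructed sample values, and the function names are hypothetical.

```python
import struct

# Constructed sample data (not from the challenge capture): client-to-server
# FTP control-channel payloads and one raw DNS query message.
FTP_PAYLOADS = [b"USER elf_admin\r\nPA", b"SS example-password\r\nSTOR list.txt\r\n"]
DNS_QUERY = (
    b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"  # header, QDCOUNT=1
    b"\x03www\x07example\x03com\x00"                      # QNAME as length-prefixed labels
    b"\x00\x01\x00\x01"                                    # QTYPE=A, QCLASS=IN
)

def ftp_commands(payloads):
    """Reassemble the control stream and return (verb, argument) pairs."""
    # Joining first handles a command that is split across two TCP segments.
    stream = b"".join(payloads).decode("ascii", errors="replace")
    out = []
    for line in stream.split("\r\n"):
        if line:
            verb, _, arg = line.partition(" ")
            out.append((verb.upper(), arg))
    return out

def cleartext_credentials(payloads):
    """Return the USER/PASS arguments, which plain FTP sends unencrypted."""
    return {v: a for v, a in ftp_commands(payloads) if v in ("USER", "PASS")}

def dns_question(packet):
    """Parse the first question of a DNS message and return (name, qtype)."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    if struct.unpack("!H", packet[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        length = packet[pos]
        pos += 1
        if length == 0:          # zero-length label ends the name
            break
        if length & 0xC0:        # compression pointers do not belong in a query name
            raise ValueError("unexpected compression pointer")
        labels.append(packet[pos:pos + length].decode("ascii"))
        pos += length
    qtype = struct.unpack("!H", packet[pos:pos + 2])[0]
    return ".".join(labels), qtype

if __name__ == "__main__":
    print(cleartext_credentials(FTP_PAYLOADS))
    print(dns_question(DNS_QUERY))
```

Both values are readable by anyone on the network path because neither protocol encrypts them, which is why Wireshark can show them where a web-only interception proxy cannot.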
Can we use the information we learned about Wireshark to figure out how the Grinch is trying to destroy Christmas?
Well… click the video below to find out!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007