TryHackMe: Investigating Windows Walkthrough
Howto & Style
Background: A Windows machine has been hacked. It's your job to investigate this Windows machine and find clues to what the hacker might have done.
We will dive into how you can go about investigating a compromised Windows system using Windows event logs, etc.
Room: tryhackme.com/room/investigat...
This is a free room. Connect and direct message me on LinkedIn: / howard-mukanda-24503144
Comments: 18
That was great! I learned a lot watching you and realized I was overthinking how to resolve a lot of these questions.
Your answer to #4 kinda seems like B.S. Why would you not show you actually retrieving the IP? Update: the correct way to find the answer is much more complicated; the pop-up cmd shell does not give you the answer. One should go to the registry editor and go down the rabbit hole to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, which, with a little research, you will learn is where programs or scripts are stored that should be executed automatically when the Windows OS starts up. Here you will find the script that gives you the answer to #4 in the correct way.
At @6.40, why this event and not the bottom one, which is at 4:04:39 PM? The question is asking for the first assign time; it's earlier.
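An added triage example for the Run key described in the comment above (not from the video or the commenter): it lists autostart values, flags those that launch a script host or script file, and pulls IPv4 literals from the command line and from any referenced script that exists on disk. The sibling keys beyond the one named in the comment and both regular expressions are assumptions chosen for illustration.

```powershell
# First path is the key named in the comment; the others are standard sibling
# autostart keys added here as an assumption, for completeness.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Illustrative patterns (assumptions): IPv4 literals, script hosts, script files.
$ipv4       = '\b(?:\d{1,3}\.){3}\d{1,3}\b'
$scriptHost = '(?i)\b(cmd|powershell|pwsh|wscript|cscript|mshta)(\.exe)?\b'
$scriptPath = '(?i)[a-z]:\\[^"<>|*?]+?\.(bat|cmd|ps1|vbs|js)\b'

function Get-Ipv4Literals([string]$Text) {
    # Return the distinct IPv4-looking strings in $Text as one comma-separated value.
    ([regex]::Matches($Text, $ipv4) | ForEach-Object { $_.Value } |
        Sort-Object -Unique) -join ', '
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        # Read the raw value so %VAR% references are shown as stored.
        $command = [string]$item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
        $script  = [regex]::Match($command, $scriptPath).Value
        $body    = ''
        if ($script -and (Test-Path -LiteralPath $script -PathType Leaf)) {
            $body = [string](Get-Content -LiteralPath $script -Raw -ErrorAction SilentlyContinue)
        }
        [pscustomobject]@{
            Key        = $key
            Name       = if ($name) { $name } else { '(Default)' }
            Command    = $command
            ScriptHost = [bool]($command -match $scriptHost -or $script)
            CommandIPs = Get-Ipv4Literals $command
            ScriptFile = $script
            ScriptIPs  = Get-Ipv4Literals $body
        }
    }
}

# Script-launching entries first; these are the ones to read line by line.
$entries | Sort-Object ScriptHost -Descending | Format-List
```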
@nump9768
1 year ago
i had the same question
@mohammedk8545
1 year ago
same question
@SNan-oi9no
11 months ago
@nump9768 I couldn't wrap my head around it either. It would be nice if someone could explain the reason for picking 4:04:49.
@8080VB
9 months ago
Somebody stands up for this. Guys... But if you check the net user $username, there lies the correct answer. However, in the event viewer it's not the same.
@mkledits3679
8 months ago
I got stuck on this too. I can't find the logic behind why 4:04:49 is the correct answer and not 39. Typo in the CTF?
Great walkthrough, thank you!
This is a great video. Thank you.
How did you find the port it was listening on?
Great, Mr. We need more information.
Need Hip Flask walkthrough!
Thank you!
Nice!
Please tell me how to get some one-on-one time with you? I am a premium member and I don't mind paying extra for a couple of hours.
Heh, good thinking.
Very detailed walkthrough. Thank you.