so I succesfully solved marhal in the middle.
Now I am stuck with reminiscent. My only question would be at the moment: Am I supposed to get the resume.zip from the link in the mail? I can’t access that url using vpn.
I hope I don’t spoiler with this question, but I don’t think so.
@FEVING said:
found a couple of malware and link to the resume.zip , analysis shows powershell calls but cant find the flag , is there something i am overlooking?
maybe dumping the powershell processes and searching will help?
@FEVING said:
found a couple of malware and link to the resume.zip , analysis shows powershell calls but cant find the flag , is there something i am overlooking?
maybe dumping the powershell processes and searching will help?
dumping the ps process and searching leads to what @FEVING found
first time tinkering with this type of work, it’s interesting. haven’t found the flag yet. i’ve been reading dumps and online docs all day ~_~
This was a world of help, Thanks heaps.
First time doing anything like this at all, Once I figured out what was able to be seen, Finding the flag took no more than 10 minutes.
Awesome challenge learnt a lot.
This was a world of help, Thanks heaps.
First time doing anything like this at all, Once I figured out what was able to be seen, Finding the flag took no more than 10 minutes.
Awesome challenge learnt a lot.
Hi have solved this challenge. However, I am not sure what was the use for the “resume.eml” file. Happy to discuss if anyone has solved it using .eml file?
Hi have solved this challenge. However, I am not sure what was the use for the “resume.eml” file. Happy to discuss if anyone has solved it using .eml file?
The .eml is provided Just as a hint to assist with the challenge or provide a starting point/things to look for.