forensicsmedium

Investigation

taipanbyte

Task: Analyze web server access.log to identify cyberattack traces and extract compromise artifacts. Solution: HTTP status code analysis revealed SELECT instead of numeric codes due to SQL injection breaking log parsing; extracted hex values from UNION SELECT CHAR() payloads and decoded to flag.

$ ls tags/ techniques/

sql_injection hex_encoding log_analysis data_exfiltration apache_logs anomaly_detection

log_analysishex_decodingstatus_code_anomaly_detectionsqli_pattern_recognitionchronological_reconstruction

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Create a free account with GitHub, then upgrade to Pro.

$ssh [email protected]