Hello, I couldn’t complete the mission. There isn’t enough information in the log, and I don’t know how to analyze the pcapng file. Can you help me?
Hi, you need to analyze the pcapng with Wireshark. You can take a look at the Wireshark Fundamentals Lab to learn how to use the Wireshark tool, and at the Wireshark tips for SOC analysts Lab for advanced usage.
Okay thanks, but I couldn’t find the last two questions. Is there a website where I can look at attack techniques?
You can find the CVE number by searching for the attack name with the related platform. Look at the logs carefully: where is the vulnerability related to? For the attack technique question, you’re getting close, but you’re missing a letter.
I tried over 100 answers, but I still couldn’t figure out the CVE number format. Should we write it as CVE-***, or just the number without “CVE”? Should it be in uppercase or lowercase? Can you help me? Also, which website should we search on? I feel like I’ve checked every site, but I couldn’t find anything.
The answer format is CVE-****-*****. Did you find the attack? You can investigate the vulnerabilities on the platform along with the attack technique. When examining the logs, pay attention to where the vulnerability is in WordPress.
Thank you, I found the solution. I have 2 remaining questions shown in the attachment. I answered the other questions correctly. I’ve tried every method for these two as well. I used TCP Follow Stream but couldn’t find anything. I applied HTTP filtering but still couldn’t locate it. I also filtered by IP address, but no success. Do you have any tips or hints for solving this?
Think about which Wireshark filter could be used after getting a shell with the related port number.