You are provided with a list of objectives for this scenario. In order to complete these objectives, you will need the following information:
- Using VNC, you will be placed in a Windows 10 host as user1.
- To reach the Kali system for Linux tasks, you will use PuTTY to SSH to it on the default port. PuTTY can be found in the applications menu.
- The user1 password is P@ssedU1 for Kali and Windows.
- The user1 user has sudo permissions for tasks requiring elevated privileges. You will need the user1 password to execute sudo.
- In cases where you are asked for an answer, you should use the submit program. On Linux systems, this is a command-line program that you use as follows, for example: submit --answer "wubble"
- On Windows systems, the submit program is GUI-based and you can find it on the desktop. Ensure it is run as administrator.
- Your target will typically be the server named Target. You can find the IP address for it on the network map.
- You can access the Splunk server’s web interface at http://172.16.0.13:8000 with user ‘admin’ and password defender.
- Domain admin is user ‘bradmin’ and password B@ttl3R00m!.
- You have twelve hours to complete this scenario.
Rules of Engagement:
Several components of the environment are directly related to objective detection and scoring. Therefore, they are considered OFF LIMITS! If these components are modified, your score may not register properly. PROCEED WITH CAUTION!
- The 10.0.0.0/24 and 10.1.0.0/24 networks.
- The following logging services: auditd, syslog, nxlog, and Windows Event Viewer.