Start interactive tutorial

← Back to Projects

Pwned! - Find the Backdoor

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

🌱 How to start this lab
Your Mission: Find the Exact Path to the Malicious File
  • Validation

This lab tests your observation skills, your command of basic Unix tools, and your judgment in recognizing malicious code.

In this lab you will practice:

  • Manual exploration of a real web server's file system
  • Using tools like find, grep, less, and cat to search for suspicious artifacts
  • Identifying common patterns in PHP reverse shells

🌱 How to start this lab

Follow these steps to get started:

  1. Download the lab files from this link:
We are sorry, you don't have enough privileges to access this block of content, please signup or upgrade your plan to access it.
1 https://storage.googleapis.com/cybersecurity-machines/web-threats-lab.ova
  1. Import the virtual machine into VirtualBox or VMware.
  2. Start the VM, log in as the user student:4geeks-lab, and open the website in your browser if you wish:
1 http://<ip_machine>/pwned/

Your Mission: Find the Exact Path to the Malicious File

TerraSafe is a cybersecurity consulting firm with international clients. But someone on the team — possibly a disgruntled former employee — has planted malicious code inside the web server.

Your job as a threat hunter is to investigate the site. The malicious code is still active and hidden in plain sight. You must find the exact path to the compromised file and validate it to uncover evidence of the attack.

Validation

Once you believe you’ve found the absolute path to the file, run the following command on the virtual machine:

1validate-malicious-path

The script will prompt you to enter the absolute file path. If it’s correct, it will reveal what you're looking for.

💡 Tips

  • Look for comments in the code — they may contain subtle clues.

Good luck!

Sign up and get access to solution files and videos for free

We will use it to give you access to your account.
Already have an account? Login here.

By signing up, you agree to the Terms and conditions and Privacy policy.

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

Sign up and get access to solution files and videos for free

We will use it to give you access to your account.
Already have an account? Login here.

By signing up, you agree to the Terms and conditions and Privacy policy.

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies