Difficulty
intermediate
Average duration
1 hrs
Technologies
linux
cybersecurity
blue-team
digital forensics
metadata-analysis
In this lab, you will investigate a possible intrusion in a Linux system. The only initial clue is an image of the Mona Lisa that seems harmless... but everything changes when you discover it hides suspicious metadata.
In this lab you will learn:
👉 This challenge is solved inside a preconfigured Linux virtual machine.
https:/cybersecurity-machines/metadata-investigation-lab.ova
Import the machine into VirtualBox.
Log in as the user artlover:4geeks-lab.
The system includes essential tools such as: exiftool, bash, grep, ps, crontab
The system you are auditing contains an image called monalisa.jpg. Something about it doesn't add up—it was modified, and inspecting its metadata reveals suspicious information.
If you manage to completely disable the attacker's infrastructure, you will gain access to the full flag for the challenge.
If you have cleaned the machine of malicious behaviors, switch to the intruder user and run the following verification command:
validate-challenge-finished
This command will validate if you have deleted the malicious process and will give you the second part of what you are looking for.
Only if you complete each phase of the analysis will the system reveal the whole truth.
Are you ready to look beyond the mirror?
Good luck, Analyst!