Difficulty
easy
Average duration
1 hrs
Technologies
osint
owasp-a05-security-misconfiguration
Python
base64
cybersecurity
owasp-a07-identification-authentication-failures
blue-team
An anonymous attack has revealed that one of the names registered in an apparently harmless file belongs to a criminal wanted by the FBI. The clue is vague, but the evidence points to a pattern: an English male name, seven letters long, with a "C" somewhere in it.
As a Blue Team analyst, your task is to audit the file's contents, design a filtering logic, and detect possible matches. Then, you must manually validate your findings in the analysis environment and, if successful, you will obtain an encrypted flag that only the most precise can decipher.
👉 From this Blue Team section onwards, the first five challenges will require the use of a preconfigured virtual machine called web-threats-lab. In some cases, you will only use this machine to validate your solutions; in others, you will also work directly on it.
Therefore, although part of your analysis can be done on your personal computer, the final validation must always be done within the virtual machine. So please do not delete or overwrite it, as it will be your workstation throughout this series.
https://storage.googleapis.com/cybersecurity-machines/web-threats-lab.ova
student:4geeks-lab

You have a script available to help automate your work: name_solver.py, a Python script where you will test names based on the clues.

```python
# name_solver.py
# This script helps find possible names

import sys

# Read names from a text file, skipping blank lines
try:
    with open("nombres.txt", "r", encoding="utf-8") as file:
        names = [line.strip() for line in file if line.strip()]
except FileNotFoundError:
    print("The file 'nombres.txt' was not found.")
    sys.exit(1)

# Go through the names and apply the filters:
# exactly seven characters long and containing a "c" in either case
for name in names:
    if len(name) == 7 and 'c' in name.lower():
        print(f"Could this be the criminal? {name}")
```
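A stricter take on the same filter, as an added example that is not part of the original challenge: the script above counts characters rather than letters, so a line such as `Mc-Neil` passes its length check. The sample lines are constructed (they are not the contents of nombres.txt), the function names are hypothetical, and treating a name as ASCII letters only is an assumption.

```python
import unicodedata
from collections import Counter

# Constructed sample lines standing in for nombres.txt (not the lab's data).
SAMPLE_LINES = [
    "\ufeffMichael\n",  # byte-order mark left on the first line by some editors
    "  vincent \n",     # stray whitespace, lowercase
    "Charles\n",
    "CHARLES\n",        # duplicate that differs only in case
    "Mc-Neil\n",        # seven characters, but only six letters
    "Richard\n",
    "Jackson1\n",       # digit appended
    "Anthony\n",        # seven letters, no "c"
    "Eric\n",
    "\n",
]


def classify(raw):
    """Return (normalized_name, reason); reason is None for a candidate."""
    name = unicodedata.normalize("NFKC", raw).replace("\ufeff", "").strip()
    if not name:
        return name, "blank"
    # Assumption: an English name here means ASCII letters only.
    if not (name.isascii() and name.isalpha()):
        return name, "non-letter characters"
    if len(name) != 7:
        return name, "not seven letters"
    if "c" not in name.casefold():
        return name, "no 'c'"
    return name.capitalize(), None


def audit(lines):
    """Split lines into unique candidates and a tally of rejection reasons."""
    candidates, seen, rejected = [], set(), Counter()
    for raw in lines:
        name, reason = classify(raw)
        if reason:
            rejected[reason] += 1
        elif name.casefold() in seen:
            rejected["duplicate"] += 1
        else:
            seen.add(name.casefold())
            candidates.append(name)
    return candidates, rejected


if __name__ == "__main__":
    found, skipped = audit(SAMPLE_LINES)
    print("Candidates:", found)
    print("Rejected:", dict(skipped))
```

The rejection tally doubles as an audit of the file itself: a high count of non-letter or duplicate lines shows how noisy the list is before any candidate is validated.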
When you think you have the correct name, you must validate it from the web-threats-lab virtual machine with the following terminal command:

```
validate-criminal-name
```
If your hypothesis is correct, an encrypted string will be revealed. It will be your task to interpret it properly to find what you are looking for.
Good luck, agent!