Insider Lab

Q1) What distribution of Linux is being used on this machine?

Answer: kali

Q2) What is the MD5 hash of the apache access.log?

Right click on the access.log file -> Export File Hash List

Answer: d41d8cd98f00b204e9800998ecf8427e

Q3) It is believed that a credential dumping tool was downloaded? What is the file name of the download?

Answer: mimikatz_trunk.zip

Q4) There was a super-secret file created. What is the absolute path?

Answer: /root/Desktop/SuperSecretFile.txt

Q5) What program used didyouthinkwedmakeiteasy.jpg during execution?

Answer: binwalk

Q6) What is the third goal from the checklist Karen created?

Answer: Profit

Q7) How many times was apache run?

Answer: 0

Q8) It is believed this machine was used to attack another. What file proves this?

Answer: irZLAohL.jpeg

Q9) Within the Documents file path, it is believed that Karen was taunting a fellow computer expert through a bash script. Who was Karen taunting?

Answer: Young

Q10) A user su'd to root at 11:26 multiple times. Who was it?

Answer: postgres

Q11) Based on the bash history, what is the current working directory?

Answer: /root/Documents/myfirsthack/