TryHackMe Advent of Cyber 2022 [Day 2] | Karthikeyan Nagaraj
Log Analysis Santa’s Naughty & Nice Log
Advent of Cyber-4 Day 2 — December 2, 2022 ~ Karthikeyan Nagaraj
- Use the
ls
command to list the files present in the current directory. How many log files are present?
First of all Connect to the Machine or Attack box
Then type ls Command to List the Files and Folders
Ans: 2
2. Elf McSkidy managed to capture the logs generated by the web server. What is the name of this log file?
Ans: webserver.log
3. Begin investigating the log file from question #3 to answer the following questions.
Ans: No Answer Needed
4. On what day was Santa’s naughty and nice list stolen?
Let’s Investigate the File by Grep
cat webserver.log | grep “friday”
Ans: friday
5. What is the IP address of the attacker?
As the Log File Displays the IP of Attacker
Ans: 10.10.249.191
6. What is the name of the important list that the attacker stole from Santa?
cat webserver.log | grep santa
Ans: santaslist.txt
7. Look through the log files for the flag. The format of the flag is: THM{}
grep -r "THM"
Ans: The Answer is in the Above Image
8. Interested in log analysis? We recommend the Windows Event Logs room or the Endpoint Security Monitoring Module.
Ans: No Answer Needed
Thank you for Reading!!
Happy Hacking ~
Author : Karthikeyan Nagaraj ~ Cyberw1ng
Tryhackme , Tryhackme Advent of Cyber 2022 December 2, Day 2 , Task 7 [Day 2] Log Analysis Santa’s Naughty & Nice Log , Advent of Cyber 2022 Day 2 Answers