Daily Blog #576: Sunday Funday 12/23/18 - Syscache Challenge On Server 2008 R2

Syscache Challenge On Server 2008 R2 - David Cowen by Hacking Exposed Computer Forensics Blog

Hello Reader,
    Let's finish the year right. The last challenge of 2018 needs to be special.

The Prize:

$100 Amazon Giftcard

The Rules:

  1. You must post your answer before Friday 12/28/18 7PM CST (GMT -5)
  2. The most complete answer wins
  3. You are allowed to edit your answer after posting
  4. If two answers are too similar for one to win, the one with the earlier posting time wins
  5. Be specific and be thoughtful
  6. Anonymous entries are allowed, please email them to dcowen@g-cpartners.com. Please state in your email if you would like to be anonymous or not if you win.
  7. In order for an anonymous winner to receive a prize they must give their name to me, but i will not release it in a blog post

The Challenge:

On server 2008 r2 how would the following be seen in the syscache and what was logged:

1. Powershell empire agent

2. Meterpeter

3. Mimikatz

Also Read: Daily Blog #575

Post a Comment