🥷
TryHackMe
  • 🥷TryHackMe
  • Web Hacking Fundamentals
    • OWASP Top10
      • Task 5
      • Task 7
      • Task 8~11
      • Task 12~16
      • Task 20
      • Task 21~26
      • Task 29
  • Jr Penetration Tester
    • Introduction to Cyber Security
  • Red Teaming
    • Red Team Fundamentals
  • EXTRA
    • Advent of Cyber 2022
      • Day 1
      • Day 2
      • Day 3
      • Day 4
      • Day 5
      • Day 6
      • Day 7
      • Day 8
      • Day 9
      • Day 10
      • Day 11
Powered by GitBook
On this page
  • Use the ls command to list the files present in the current directory. How many log files are present?
  • Elf McSkidy managed to capture the logs generated by the web server. What is the name of this log file?
  • On what day was Santa's naughty and nice list stolen?
  • What is the IP address of the attacker?
  • What is the name of the important list that the attacker stole from Santa?
  • Look through the log files for the flag. The format of the flag is: THM{}
  1. EXTRA
  2. Advent of Cyber 2022

Day 2

PreviousDay 1NextDay 3

Last updated 2 years ago

Use the ls command to list the files present in the current directory. How many log files are present?

ls |wc -l

2

Elf McSkidy managed to capture the logs generated by the web server. What is the name of this log file?

webserver.log

On what day was Santa's naughty and nice list stolen?

Inside the webserver.log we can identify that the attacks happened on 18.11.2022 meaning:

Friday

What is the IP address of the attacker?

10.10.249.191

What is the name of the important list that the attacker stole from Santa?

Search for Santa and List with grep results in:

grep "santa" webserver.log |grep list

santaslist.txt

Look through the log files for the flag. The format of the flag is: THM{}

grep -ri "thm{" .

r -> recursive

i -> ignore case

. -> local folder

THM{STOLENSANTASLIST}