20pts
Web
Now that you’ve helped her open and view the file, Cuzco knows two things. One, the file creator should work on password complexity. Two, before visiting the website on the flyer, she should investigate it using some threat hunter sites. Investigate the site with the following tools:
Use https://www.whois.com/ or the whois command on the command line
URLscanner at https://urlscan.io/ (make sure it is a private scan)
Pulsedive at https://pulsedive.com/ and complete a passive scan of the site
Based on your research, what year was this site first registered?
Also, what level of risk would Cuzco be taking on if she were to visit the site?
Flag format FLAG{YEAR___***}
Cuzco had traveled far, met new friends, worked on balance, gained new knowledge, and gained 10 flags - effectively working on 10x her skills. She knew that eventually, she’d need to go back to 127.0.0.1 (an IP address for localhost usually meaning you are home), and she had gained so much on her quest.
She decided to review a few resources to make her trip home a learning experience and have some balance too:
https://www.sans.org/blog/dont-miss-these-top-rated-sans-summit-replays/
https://www.sans.org/blog/visual-summary-of-sans-new-to-cyber-summit/
And because balance:
https://youtu.be/VZrDxD0Za9I?list=PLu4wnki9NI_8VmJ7Qz_byhKwCquXcy6u9
https://youtu.be/f0RQ5C7g_tA?list=PLnzLfzo-SovQvT8zbcBdkeNkwZ38f2SAM
She safely made it back to her 127.0.0.1, and once she arrived, she found that her home was more open than she remembered. There was more community surrounding it than she thought. She just had to look out the window and remember she’d had her adventure, there was help to be found, and she was part of this community - she belonged! Remember you belong here and are part of our community too.
Using the provided website, Pulsedive shows that the site is very low risk and was registered in 2002:
Flag: 2002_very_low_risk
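The WHOIS step above, as an added example that is not part of the original write-up: it pulls the first-registration year out of raw `whois` output, where registry and registrar records can label and format the date differently, and joins it with the Pulsedive risk label in the flag's shape. The sample record, the domain example.test, the label list and the function names are constructed assumptions.

```python
import re
from datetime import datetime

# Registries label the registration date differently (assumed common labels).
CREATION_LABELS = {"creation date", "created", "created on", "registered on",
                   "registration time", "domain registration date"}
# Date layouts commonly seen in WHOIS output, tried in order.
DATE_FORMATS = ("%Y-%m-%d", "%d-%b-%Y", "%Y.%m.%d", "%Y/%m/%d")

# Constructed sample: registry record followed by a registrar record whose
# creation date reflects a later transfer. Not output for any real domain.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE.TEST
   Creation Date: 2002-03-14T05:00:00Z
   Updated Date: 2023-02-01T10:11:12Z
Registrar WHOIS Server: whois.registrar.test
Domain Name: example.test
Creation Date: 2005-07-09 12:00:00
Registry Expiry Date: 2026-03-14T05:00:00Z
"""

def registration_year(whois_text):
    """Return the earliest registration year in WHOIS text, or None."""
    years = []
    for line in whois_text.splitlines():
        label, sep, value = line.partition(":")
        if not sep or label.strip().lower() not in CREATION_LABELS:
            continue
        # Keep only the date part, dropping any time or timezone suffix.
        token = re.split(r"T(?=\d)|\s", value.strip(), maxsplit=1)[0]
        for fmt in DATE_FORMATS:
            try:
                years.append(datetime.strptime(token, fmt).year)
                break
            except ValueError:
                continue
    return min(years) if years else None

def build_flag(year, risk_label):
    """Join year and risk label the way the write-up's flag does."""
    return f"{year}_{'_'.join(risk_label.lower().split())}"

if __name__ == "__main__":
    print(build_flag(registration_year(SAMPLE_WHOIS), "Very low risk"))
```

Taking the earliest creation date matters because a registrar record can show a transfer or re-registration date that is later than the registry's original one.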