TryHackMe WriteUp – Red Team Engagements

Der zweite Raum im neuen Red Teaming Path, Red Team Engagements. Lasst uns die Tickets holen!

Task 1 Introduction

Dieser Task enthält keine Fragen.

Task 2 Defining Scope and Objectives

Frage 1:
What CIDR range is permitted to be attacked?

Antwort 1:
10.0.4.0/22

Frage 2:
Is the use of white cards permitted? (Y/N)

Antwort 2:
y

Frage 3:
Are you permitted to access „*.bethechange.xyz?“ (Y/N)

Antwort 3:
n

Task 3 Rules of Engagement

Alle Fragen können mit dem bereitgestlltem Dokument beantwortet werden.

Frage 1:
How many explicit restriction are specified?

Antwort 1:
3

Frage 2:
What is the first access type mentioned in the document?

Antwort 2:
Phishing

Frage 3:
Is the red team permitted to attack 192.168.1.0/24? (Y/N)

Antwort 3:
n

Task 4 Campaign Planning

Dieser Task enthält keine Fragen.

Task 5 Engagement Documentation

Dieser Task enthält keine Fragen.

Task 6 Concept of Operations

Frage 1:
How long will the engagement last?

Antwort 1:
1 month

Frage 2:
How long is the red cell expected to maintain persistence?

Antwort 2:
3 weeks

Frage 3:
What is the primary tool used within the engagement?

Antwort 3:
Cobalt Strike

Task 7 Resource Plan

Frage 1:
When will the engagement end? (MM/DD/YYYY)

Antwort 1:
11/14/2021

Frage 2:
What is the budget the red team has for AWS cloud cost?

Antwort 2:
$1000

Frage 3:
Are there any miscellaneous requirements for the engagement? (Y/N)

Antwort 3:
n

Task 8 Operations Plan

Frage 1:
What phishing method will be employed during the initial access phase?

Antwort 1:
spearphishing

Frage 2:
What site will be utilized for communication between the client and red cell?

Antwort 2:
vectr.io

Frage 3:
If there is a system outage, the red cell will continue with the engagement. (T/F)

Antwort 3:
f

Task 9 Mission Plan

Frage 1:
When will the phishing campaign end? (mm/dd/yyyy)

Antwort 1:
10/23/2021

Frage 2:
Are you permitted to attack 10.10.6.78? (Y/N)

Antwort 2:
n

Frage 3:
When a stopping condition is encountered, you should continue working and determine the solution yourself without a team lead. (T/F)

Antwort 3:
f

Task 10 Conclusion

Dieser Task enthält keine Fragen.