Instructions

Advanced CTF


There are two console's to be accessed today, Vision One and CTFD. Please use Google Chrome or FireFox for today's CTF. Avoid using Safari.

“Please read each question carefully and thoroughly. Within each question is hidden a character (single digit number or letter) posing as a typo. Once you find it, copy the character to a notepad document (preferably notepad++ as it will come in handy later). At the end of Lab Exercise 3-05, you should have collected all the 24 “typos” character which will then form a string of 24 characters in Hexadecimal format. Example: HEX: “5468726561742068756E74696E6721”. The final step will be to use the Converter Plugin in Notepad++ to convert the text from HEX to ASCII to obtain the final Flag! Example: ASCII: “Threat hunting!

Examples of hidden character:
1. “XDR sensors across email, endpoints, servers, cloud workloads, and networks identify and correlate activities2 to produce high-confidence detections—with the power to search, investigate, analyze, and respond from a single console.” a. Finding: The hidden Character here is the number 2. Posed as a typo right after “activities”

2. “XDR sensors across email, endpoints, servers, cloud workloads, and networks identify and correlate aactivities to produce high-confidence detections—with the power to search, investigate, analyze, and respond from a single console.” a. Finding: The hidden Character here is the letter a. Posed as a typo right before “activities”

3. “XDR sensors across email, endpoints, servers, cloud workloads, and networks identify and correlate activitie5 to produce high-confidence detections—with the power to search, investigate, analyze, and respond from a single console.” a. Finding: The hidden Character here is the number 5. Posed as a typo for letter ‘s’ “activities”

Note: The final string of 30 characters will be in Hexadecimal format. List of numbers and letters to be expected is therefore: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 and A, B, C, D, E, F respectively. The final question carries bonus marks!”

Before you begin with today's CTF, it will be helpful to familiarize yourself with the TREND MICRO VISION ONE console using the below credentials.

Login to Trend Micro Vision One Console with the following credentials for the CTF challenges

• URL: https://portal.xdr.trendmicro.com/
• Account Name: CTFSSA@znzl.onmicrosoft.com
• Password: 4Bw6uCm$jAG%WNM&

Filter detections in all Vision One app's by "last 7 days".

Please Do not click save for any activity during the labs.