User Tools


In the open area, inside the Dormitory, is Pepper Minstix:

It's me - Pepper Minstix.

Normally I'm jollier, but this Graylog has me a bit mystified.

Have you used Graylog before? It is a log management system based on Elasticsearch, MongoDB, and Scala.

Some Elf U computers were hacked, and I've been tasked with performing incident response.

Can you help me fill out the incident response report using our instance of Graylog?

It's probably helpful if you know a few things about Graylog.

Event IDs and Sysmon are important too. Have you spent time with those?

Don't worry - I'm sure you can figure this all out for me!

Click on the All messages Link to access the Graylog search interface!

Make sure you are searching in all messages!

The Elf U Graylog server has an integrated incident response reporting system. Just mouse-over the box in the lower-right corner.

Login with the username elfustudent and password elfustudent.

Terminal Challenge Graylog

That's it - hooray!

Have you had any luck retrieving scraps of paper from the Elf U server?

You might want to look into SQL injection techniques.

OWASP is always a good resource for web attacks.

For blind SQLi, I've heard Sqlmap is a great tool.

In certain circumstances though, you need custom tamper scripts to get things going!

Walking along the right hand corridor, I found Minty Candycane, who had a game for me to play:

Hi! I'm Minty Candycane!

I just LOVE this old game!

I found it on a 5 1/4“ floppy in the attic.

You should give it a go!

If you get stuck at all, check out this year's talks.

One is about web application penetration testing.

Good luck, and don't get dysentery!

Terminal Challenge Holiday Hack Trail

You made it - congrats!

Have you played with the key grinder in my room? Check it out!

It turns out: if you have a good image of a key, you can physically copy it.

Maybe you'll see someone hopping around with a key here on campus.

Sometimes you can find it in the Network tab of the browser console.

Deviant has a great talk on it at this year's Con.

He even has a collection of key bitting templates for common vendors like Kwikset, Schlage, and Yale.

Further along the corridor is Minty's Dorm Room