MAL: REMnux - The Redux
-
I'm all buckled up and ready to get started.
No Answer.
-
I've deployed my instance
No Answer.
-
How many types of categories of "Suspicious elements" are there in "notsuspicious.pdf"?
Repeating the step shown in the example:
Answer : 3
-
Use peepdf to extract the javascript from "notsuspicious.pdf". What is the flag?
Answer : THM{Luckily_This_Isn't_harmful}
-
How many types of categories of "Suspicious elements" are there in "advert.pdf"?
Answer : 6
-
Now use peepdf to extract the javascript from "advert.pdf". What is the value of "cName"?
Answer : notsuspicious
-
What is the name of the Macro for "DefinitelyALegitInvoice.doc"?
Run the following command:
vmonkey DefinitelyALegitInvoice.doc
[...]
We got the name of the macro.
Answer : Defolegit
-
What is the URL the Macro in "Taxes2020.doc" would try to launch?
Using the same method:
Answer : http://tryhackme.com/notac2cserver.sh
-
What is the highest file entropy a file can have?
Answer : 8
-
What is the lowest file entropy a file can have?
Answer : 0
-
Name a common packer that can be used for applications?
Answer : UPX
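Added example (not part of the original write-up or the room's material): a Shannon entropy calculator that shows where the 0 and 8 limits above come from, and how a windowed scan points at packed or compressed regions such as those a packer like UPX produces. The sample buffer, the 1024-byte window and the 7.0 threshold are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for a single repeated value,
    8.0 when all 256 byte values are equally frequent."""
    if not data:
        return 0.0
    n = len(data)
    return sum((c / n) * math.log2(n / c) for c in Counter(data).values())


def high_entropy_windows(data: bytes, window: int = 1024, threshold: float = 7.0):
    """Return (offset, entropy) for every fixed-size window at or above
    the threshold. Window size and threshold are illustrative assumptions."""
    hits = []
    for off in range(0, len(data) - window + 1, window):
        h = shannon_entropy(data[off:off + window])
        if h >= threshold:
            hits.append((off, round(h, 2)))
    return hits


def pseudo_random(n: int) -> bytes:
    """Deterministic stand-in for compressed or encrypted content
    (a SHA-256 hash chain), so the example gives the same result every run."""
    out, block = b"", b"seed"
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:n]


# Constructed sample: zero padding, repetitive text, then 2 KiB of
# random-looking bytes standing in for a packed section.
SAMPLE = (
    b"\x00" * 1024
    + (b"This program cannot be run in DOS mode. " * 26)[:1024]
    + pseudo_random(2048)
)

if __name__ == "__main__":
    print("all zeros      :", shannon_entropy(b"\x00" * 1024))
    print("all 256 values :", shannon_entropy(bytes(range(256))))
    for off, h in high_entropy_windows(SAMPLE):
        print(f"high entropy at offset {off}: {h}")
```

Only the two windows holding the random-looking data are reported; the padding and the plain text stay well below the threshold.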
-
Pretty interesting stuff!
No Answer.
-
Fin.
No Answer.
-
I'm curious to read up some more!
No Answer.