TryHackMe Hide and Seek | Linux Forensic DFIR | Hackfinity Battle Encore

⭐Welcome to the Hackfinity Battle CTF!⭐🚀 In this video we investigate a different persistence technique used by an attacker on a Linux system 🔥Room Scenario: 🔥🚀 📌A note was discovered on the compromised system, taunting us. It suggests multiple persistence mechanisms have been implanted, ensuring that Cipher can return whenever he pleases. Here’s the note: Dear Specter, I must say, it’s been a thrill dancing through your systems. You lock the doors; I pick the locks. You set up alarms; I waltz right past them. But today, my dear adversary, I’ve left you a little game. I've sprinkled a few persistence implants across your system, like digital Easter eggs, and I’m giving you a sporting chance to find them. Each one has a clue because where’s the fun in a silent hack? Time is on my side, always running like clockwork. A secret handshake gets me in every time. Whenever you set the stage, I make my entrance. I run with the big dogs, booting up alongside the system. I love welcome messages. Find them all, and you might earn a little respect. Miss one, and well… let's say I’ll be back before you even realize I never left. Happy hunting, Specter. May the best ghost win.📌 🎓 TryHackMe Room: https://tryhackme.com/room/HackfinityBattleEncore In this room we look at malicious code in: 🕵️‍♂️ User authorized_keys file 🧐 🕵️‍♂️ User bashrc file 🧐 🕵️‍♂️ Message of the day directory update-motd.d 🧐 🕵️‍♂️ Malicious service in /usr/lib/systemd/system/ 🧐 🕵️‍♂️ Malicious cron job 🧐 👍 Like, Subscribe, and Comment to stay updated with our latest cybersecurity tutorials. If you have any questions or need further clarification on any concept, feel free to drop a comment below! 👍 these tutorials are for educational purposes and to encourage responsible and legal use of hacking knowledge. Don't forget to like, comment, and subscribe for more cybersecurity walkthroughs! #TryHackMe, #CTF, #CyberSecurity, #EthicalHacking, #blueteam #DFIR #CyberAttack, #InformationSecurity #HackfinityBattleEncore