Last night marked the 75th edition of the Hack The Box Meetup in France. Despite some internet connection issues, the event was a success, with Mudassar MASOOD stepping in to host. The meetup featured three main segments:
- Infostealers Presentation by Hamza Kondah (Hexadream): A deep dive into the current threat of Infostealers, explaining their mechanisms and impact.
- Cicada Machine Walkthrough by Florent G.: A detailed presentation on the Cicada machine, a Windows-based Hack The Box challenge involving Active Directory, tested in a gray-box environment.
- Volatility Framework Discussion by Jonathan L. (PR4NK): A session on memory forensics using the Volatility framework, highlighting its capabilities in incident response and forensic analysis.
The meetup covered a range of topics, including Cyber Threat Intelligence (CTI), offensive security, and digital forensics. The next meetup is scheduled for March 20th and will be held remotely via Discord.
Practice Commands and Codes
1. Infostealers Analysis:
- Use `strings` to extract potentially malicious strings from a binary:
strings suspicious_file.exe | grep -i "password"
- Analyze network traffic with `tcpdump`:
sudo tcpdump -i eth0 -w capture.pcap
2. Cicada Machine Walkthrough:
- Enumerate Active Directory with `ldapsearch`:
ldapsearch -x -H ldap://<DC_IP> -b "dc=domain,dc=com" "(objectClass=user)"
- List the SMB shares a host exposes with `smbclient`:
smbclient -L //<target_IP> -U <username>
3. Volatility Framework:
- Analyze memory dumps for processes:
volatility -f memory.dump --profile=Win10x64 pslist
- Extract registry hives for analysis:
volatility -f memory.dump --profile=Win10x64 hivelist
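For the `strings` step under Infostealers Analysis, an added example (not from the meetup or the original post): `strings` looks for single-byte text by default, while Windows binaries often store text as UTF-16LE, so this Python helper scans a file's bytes for keywords in both encodings. The keyword list beyond "password" and the sample bytes are constructed assumptions.

```python
import re
import sys

# Assumption: illustrative keywords; the page itself only greps for "password".
KEYWORDS = ("password", "login data")

# Constructed sample bytes standing in for a suspicious binary (not real malware).
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 8
    + b"Enter password:"
    + b"\x00\x01\x02"
    + "profile\\Login Data".encode("utf-16le")
    + b"\x00\x00\xff"
    + b"harmless text"
)


def extract_strings(data, min_len=4):
    """Yield (offset, encoding, text) for printable ASCII and UTF-16LE runs."""
    ascii_run = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_run = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    for m in ascii_run.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in wide_run.finditer(data):
        yield m.start(), "utf-16le", m.group().decode("utf-16le")


def triage(data, keywords=KEYWORDS):
    """Return sorted (offset, encoding, keyword, text) hits, case-insensitive."""
    hits = []
    for offset, encoding, text in extract_strings(data):
        lowered = text.lower()
        for keyword in keywords:
            if keyword in lowered:
                hits.append((offset, encoding, keyword, text))
    return sorted(hits)


if __name__ == "__main__":
    # Pass a file path to scan it; with no argument the constructed sample is used.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for offset, encoding, keyword, text in triage(data):
        print(f"0x{offset:08x} {encoding:9} {keyword!r}: {text}")
```

On the sample, the second hit exists only as UTF-16LE, so an ASCII-only pass over the same bytes would not report it.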
What Undercode Say
The Hack The Box Meetup France showcased the importance of hands-on learning in cybersecurity. From Infostealers to memory forensics, the event highlighted critical skills for modern cybersecurity professionals. Using tools like `ldapsearch`, `smbclient`, and the Volatility framework, attendees gained practical insights into offensive and defensive techniques. These tools are essential for identifying vulnerabilities, analyzing threats, and responding to incidents. For further learning, explore resources like Hack The Box and Volatility Foundation. Continuous practice and community engagement, as seen in these meetups, are key to staying ahead in the ever-evolving field of cybersecurity.
References:
Hackers Feeds, Undercode AI