An attacker has intruded into the CEHORG network with malicious intent.
He has identified a vulnerability in a
machine. He has encoded the machine's IP address and left it in the database. While auditing the database, the
encoded file was identified by the database admin. Decode the EncodedFile.txt file in the Document folder in the
"EH Workstation – 2" machine and enter the IP address as the answer. (Hint: Password to decode the file is Pa$
$w0rd)
10.10.10.31-(Correct Attempt)
The Access code of an employee was stolen from the CEHORG database. The attacker has encrypted the file using
the Advance Encryption Package. You have been assigned a task to decrypt the file; the organization has retained
the cipher file ""AccessCode.docx.aes"" in the Document folder in the ""EH Workstation – 2"" machine.
Determine the access code by decrypting the file. Hint: Use ""qwerty"" as the decryption password. Note:
Advanced Encryption Package is available at E:\CEH-Tools\CEHv12 Module 20 Cryptography\Cryptography Tools.
ECC-CSC-2006-(Correct Attempt)
A VeraCrypt volume file "secret" is stored on the Document folder in the "EH Workstation – 2" machine. You are
an ethical hacker working with CEHORG; you have been tasked to decrypt the encrypted volume and determine
the number of files stored in the volume. (Hint: Password: test)
6-(Correct Attempt)
You have received a folder named "Archive" from a vendor. You suspect that someone might have tampered
with the files during transmission. The Original hashes of the files have been sent by the sender separately
and are stored in a file named FileHashes.txt stored in the Document folder in the "EH Workstation – 2"
machine. Your task is to check the integrity of the files by comparing the MD5 hashes. Compare the hash
values and determine the file name that has been tampered with. Note: Exclude the file extension in the
answer field. The answer is case-sensitive.
Quotes-(Correct Attempt)
CEHORG hosts multiple IoT devices and sensors to manage its supply chain fleet. You are assinged a task to
examine the file "IOT Traffic.pcapng" located in the Home directory of the root user in the "EH Workstation - 1"
machine. Analyze the packet and find the topic of the message sent to the sensor.
Fleet_Count-(Correct Attempt) (MQTT)
An employee in CEHORG has secretly acquired Confidential access ID through an application from the company.
He has saved this information on the Downloads folder of his Android mobile phone. You have been assigned a
task as an ethical hacker to access the file and delete it covertly. Enter the account information present in the file.
Note: Only provide the numeric values in the answer field.
1,2,3,4,6
The mobile device of an employee in CEHORG has been hacked by the hacker to perform DoS attack on
one of the server in company network. You are assigned to analyse "Andro.pcapng" located in Documents
directory of EH workstation-2 and identify the severity level of the attack. (Note: perform deep down Expert
Info analysis)
Warning-(Correct Attempt)
An attacker has hacked one of the employees android device in CEHORG and initiated LOIC attack from the
device. You are an ethical hacker who had obtained a screenshot of the attack using a background
application. Obtain the screenshot of the attack using PhoneSploit from the attacked mobile device and
determine the targeted machine IP along with send method.
172.16.0.11/HTTP-(Correct Attempt)
An attacker installed a malicious mobile application 'AntiMalwarescanner.apk' on the victims android device
which is located in EH workstation-2 documents folder. You are assigned a task to perform security audit on
the mobile application and find out whether the application using permission to Read-call-logs.
Yes-(Correct Attempt)
CEHORG hosts multiple IOT devices and sensors to manage its supply chain fleet. You are assinged a task to
examine the file "IOT Traffic.pcapng" located in the Home directory of the root user in the "EH Workstation - 1"
machine. Analyze the packet and find the topic of the message sent to the sensor.
Fleet_Count-(Correct Attempt)
An attacker had sent a message 166.150.247.183/US to the victim. You are assigned to perform footprinting using
shodan.io in order to identify whether the message belongs to SCADA/ICS/IoT systems in US.
IoT-(Correct Attempt)