Free

Challenge: Buttercup Get-Help

Threat actors commonly use file types in creative ways. As a CTF player, you must discover a mysterious file artifact and investigate its hidden treasure!
0
30
M
Time
advanced
difficulty
1
ceu/cpe

Course Content

No items found.
Course Description

In this challenge, you will operate in an investigative capacity to reveal what is hidden in a mysterious artifact.

> 1. [How to crack Zip passwords](https://dfir.science/2014/07/how-to-cracking-zip-and-rar-protected.html) > 2. [How to decompile CHM help files](https://geekeefy.wordpress.com/2016/07/07/powershell-decompiling-compiled-html-help-chm-files-and-data-wrangling/) > 3. [Microsoft PowerShell deserialization document](https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.psserializer.deserialize?view=powershellsdk-7.0.0) > 4. [Microsoft PowerShell encryption document](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertfrom-securestring?view=powershell-7.2) > 5. Protip: . .\myScript leaves variables open in poweshell ISE

![CySeeker Peculiar](//images.ctfassets.net/kvf8rpi09wgk/qbEzmd4efRzpA1lBEW8vZ/9fb4bc97f855861107cfa48daf666920/CySeeker_Peculiar.png)

Who is this for?

> Intermediate to advance career practitioners. Individuals new to cybersecurity may struggle to complete this as it involves some advanced security concepts. We encourage the use of any internet resources, community/colleague assistance in completion of the challenge.

What resources are available to help solve this challenge?

> Online search, Discord community, colleagues or fellow practitioners.

Are write ups permitted?

> Yes, write ups are permitted; however, please do not post answers directly. All write ups should include an appropriate link back to Cybrary and the Cybrary Course.

This course is part of a Career Path:
No items found.

Instructed by

Senior Instructor
Matthew Mullins

Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.

Provider
Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a Challenge: Buttercup Get-Help Certificate of Completion