National Cybersecurity Awareness Month has four themes; the last being 'Update Your Software.' This challenge will have you analyze a log and identify a web application attack. The goal is to piece together the narrative from the suspicious requests and understand how attacks like these can happen when you do not update your software.
>In this NCAM weekly challenge, you will analyze a web server log reviewing an exploitation attempt. This challenge aims to look beyond the basics of simply updating software by focusing on how stealthy an exploit can be and how it can slip through the cracks when software is not updated. It is common knowledge to patch your systems, products, and devices, but let’s see why it is essential to adhere to them!
1. What is the name of the web application in the logs?
2. What is the name of the vulnerable page?
3. What is the CVE associated with this vulnerability?
4. Is this attack authenticated or unauthenticated?
![CySeeker Long Description](//images.ctfassets.net/kvf8rpi09wgk/1oL68jzohsVjhrJOSFmBEq/158ef670d04b2d5a12fbf6b54b0a5c18/Screen_Shot_2022-10-24_at_8.33.39_PM.png)
Who is this for:
>Early career to mid practitioners. This challenge may be difficult for individuals new to cybersecurity, but the difficulty rating on this challenge is relatively low. We encourage using any internet resources and community/colleague assistance in completing the challenge.
Are write-ups permitted?
>Yes, write-ups are permitted; please do not post answers directly. All write-ups should include a link to Cybrary and the Cybrary Course.
What resources are available to help solve this challenge?:
>Online search, community, colleagues, or fellow practitioners.
This course is part of a Career Path:
No items found.
Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.
Certificate of Completion
Complete this entire course to earn a Challenge: Update B4 It's 2Late Certificate of Completion