Open in app

Sign in

Write

Sign in

Member-only story

THM - Logless Hunt

Francesco Pastore
6 min read5 days ago

A writeup for the room “Logless Hunt” on TryHackMe

Detect every attack step on a Windows machine even after threat actors cleared Security logs.

Logless Hunt

Detect every attack step on a Windows machine even after threat actors cleared Security logs.

tryhackme.com

Task 3 - Initial Access | Web Access Logs

What is the title of the HR01-SRV web app hosted on 80 port?

It is enough to visit the page from the machine to obtain the title of the web app.

Which IP performed an extensive web scan on the HR01-SRV web app?

We can take a look at the access.log file of the Apache web server.

Get-Content C:\Apache24\logs\access.log

We can notice many requests from the same IP to multiple destinations on the same path, but with different…

--

--

Francesco Pastore
Francesco Pastore

Written by Francesco Pastore

144 followers
65 following

An engineering student in Milan and a web developer for an IT company. Write about programming and cybersecurity topics.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech