RedTeam Capstone Challegen TryHackMe

RedTeam Capstone Challegen TryHackMe

TryHackMe 2024 2023

HackTheBox 2024

Hello
Red Team Capstone Challenge TryHackMe
Try Hack Me
Hack The Box
- 2024

Powered by GitBook

Last updated 1 year ago

Learning Objectives

Learn about poisoned pipeline execution.
Understand how to secure CI/CD pipelines.
Get an introduction to secure software development lifecycles (SSDLC) & DevSecOps.
Learn about CI/CD best practices.

This room is again a very straightforward one with all commands and instructions already given. We just need to follow along and run them.

What is the handle of the developer responsible for the merge changes? 
[REDACTED]

This can be found under merge requests

What port is the defaced calendar site server running on?
[REDACTED]

This can be found after looking at the docker command run in the config file

What server is the malicious server running on?
[REDACTED]

This can be found after looking at the docker command run in the config file

What message did the Frostlings leave on the defaced site?
[REDACTED]

This can be found upon visiting the defaced website

What is the commit ID of the original code for the Advent Calendar site?
[REDACTED]

Look at the last known commit by a good actor and you will find  the commit ID

On this page

Was this helpful?

Try Hack Me

Advent of Cyber 2023

Day 20

DevSecOps Advent of Frostlings

PreviousDay 19 NextDay 21