Tell Ron (Code Monkey Z) to look for the Asptesttrace.log. It will have soap calls.
It has to be staged, as no one used a forensic approach, nor a professional one; they didn't know where to look for Windows logs and things. It can't be real, probably staged to show IT noobies 'easily' how to get there etc. They said they need to run a forensic audit. What I think is, Mark, or whatever the white hat guy is called, knows what he's talking about but acts as if he doesn't. I saw that earlier when he said 'I just learned to open the image in FTK Imager yesterday night', but then at one point he did know which directory to look in, CVE grades, software flaws, etc., so...
Also, I don't think they will show everything here; it's a way to push people to ask for audits, they said it.
Plus, apart from this, there's an entire topic on Microsoft ElectionGuard...
I am assuming they are rehashing what was known on November 3-4 by certain groups watching it all in real time.
Yep, just enough to wake people up there. Anyway, for their skills, showing them a full forensic analysis in real time would have had the same effect (they didn't even ask for anything to prove those were from the same systems), but it would have been way more complex, and this way you leave the enemy with a nothing burger, as, for all they know, Ron may even just be dicking around with his own hard drive.
But a real forensic procedure, if triggered, would prove everything as needed.
Btw, to have 3 point-in-time images, people need to ask themselves how they had them... I'd say same source as the pcap :)
IT is such a large domain, with many sub domains. Being an expert in any single domain in IT causes one to lag behind in the other domains. Being a jack of all trades across many domains, causes one to not really be an expert in any of them.
In some specific fields, but here we are talking about basic things for a system admin / tech / architect / whatever:
How a system / server works (hard drives, OS)
How to timestamp and checksum files and drives
Where to locate log files
How to compare directories and files
Where to see networking stuff
Where to find software updates
etc.
Just a bunch of chapters of any minor IT certification on the market, from CompTIA+ (entry level) up.
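As an added illustration of the "checksum files" and "compare directories" points above (example code, not from anyone in this thread), here is a small Python script that builds a hash manifest of a directory tree and diffs two such manifests, the way you would compare two point-in-time images of the same machine. The directory names and file contents in `demo()` are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large evidence files are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map each file's path (relative to root) -> (size, mtime_ns, sha256)."""
    root = Path(root)
    manifest = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        st = path.stat()
        manifest[path.relative_to(root).as_posix()] = (st.st_size, st.st_mtime_ns, sha256_file(path))
    return manifest


def diff_manifests(old, new):
    """Files added, removed, or changed (content hash differs) between two snapshots."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    changed = sorted(p for p in set(old) & set(new) if old[p][2] != new[p][2])
    return {"added": added, "removed": removed, "changed": changed}


def demo():
    """Constructed sample: two point-in-time snapshots of a small file tree (assumed data)."""
    with tempfile.TemporaryDirectory() as tmp:
        t1, t2 = Path(tmp, "image1"), Path(tmp, "image2")
        for t in (t1, t2):
            (t / "logs").mkdir(parents=True)
            (t / "logs" / "app.log").write_text("boot ok\n")
            (t / "config.ini").write_text("mode=prod\n")
        (t2 / "logs" / "app.log").write_text("boot ok\nservice restarted\n")  # changed in image2
        (t2 / "logs" / "trace.log").write_text("trace line\n")               # added in image2
        (t1 / "old.tmp").write_text("x")                                      # present only in image1
        return diff_manifests(build_manifest(t1), build_manifest(t2))


if __name__ == "__main__":
    print(demo())
```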