search
Support

book-openScenario

hashtag
Dokumentasi Simulasi Forensik OS - Simplified

hashtag
1. SETUP ENVIRONMENT

  • [ x ] Screenshot: wsl --list showing Kali & Ubuntu

  • [ x ] Screenshot: SSH service running di Ubuntu (systemctl status ssh)

  • [ x ] Screenshot: Network IP kedua WSL (ip addr)

  • [ x ] Penjelasan: WSL networking dan SSH setup

hashtag
2. BACKDOOR DEPLOYMENT

  • [ x ] Screenshot: File monitor script (file_monitor.sh)

  • [ x ] Screenshot: Script running in background (ps aux | grep monitor)

  • [ x ] Screenshot: Log directory created (ls -la /tmp/.logs/)

  • [ ] Penjelasan: Teknik monitoring filesystem events secara stealth

hashtag
3. VICTIM ACTIVITIES

  • [ ] Screenshot: ZIP creation dengan password (zip -P "password" file.zip)

  • [ ] Screenshot: Environment variable dengan password (echo $ARCHIVE_PASSWORD)

  • [ ] Screenshot: Bash history showing sensitive commands

  • [ ] Penjelasan: Password leakage melalui environment variables

hashtag
4. LOG CAPTURE & ANALYSIS

  • [ ] Screenshot: Real-time log file (tail -f /tmp/.system_activity.log)

  • [ ] Screenshot: Base64 decoded log entries

  • [ ] Screenshot: Password extraction dari logs

  • [ ] Penjelasan: Log analysis untuk credential harvesting

hashtag
5. ATTACK EXECUTION

  • [ ] Screenshot: SSH connection dari Kali ke Ubuntu

  • [ ] Screenshot: Remote log access (cat /tmp/.system_activity.log)

  • [ ] Screenshot: Password testing (unzip -t secret.zip)

  • [ ] Penjelasan: Remote access dan credential validation

hashtag
6. ZIP COMPROMISE

  • [ ] Screenshot: Successful ZIP extraction dengan stolen password

  • [ ] Screenshot: Sensitive file contents revealed

  • [ ] Penjelasan: Impact dari credential theft

hashtag
7. FORENSIC EVIDENCE

  • [ ] Screenshot: Timeline reconstruction dari logs

  • [ ] Screenshot: Attack chain visualization

  • [ ] Screenshot: Security gaps identified

  • [ ] Penjelasan: Forensic analysis methodology dan findings

Total: ~20 screenshots + 7 technical explanations

hashtag
KEY FOCUS AREAS:

  1. Password Leakage - Environment variables & bash history

  2. Log Monitoring - Stealth file system monitoring

  3. Remote Access - SSH exploitation

  4. Credential Harvesting - Extract passwords dari logs

  5. Impact Demonstration - Sensitive data access

hashtag
Dokumentasi

Dokumentasi simulasi dan explanationnya akan gw masukin di sini

yelpSimulasi SISOPchevron-rightbinary-lockOS Forensic Explanationchevron-right

PreviousFinal Research Operating SystemNextSimulasi SISOP

Last updated