Hello again to another blue team CTF walkthrough now from HackTheBox title Diagnostic - an ole document analysis challenge
Challenge Link:
app.hackthebox.com/challenges...
CHALLENGE DESCRIPTION
Our SOC has identified numerous phishing emails coming in claiming to have a document about an upcoming round of layoffs in the company. The emails all contain a link to diagnostic.htb/layoffs.doc. The DNS for that domain has since stopped resolving, but the server is still hosting the malicious document (your docker). Take a look and figure out what's going on.
#oledoc #fileanalysis #blueteam #ctf #dfir