Category: DFIR
Difficulty: Easy
Author: Cake#4096 & Conletz#5420
Solving this challenge will unlock more "Shop- " challenges in the DFIR category.
All the "Shop- " challenges in the DFIR category use the same JSON data set (DownUnderShop.JSON) which can be downloaded from here.
We'd encourage you to use a log analytics tool such as Splunk (1 week free cloud trial) to assist with analysing the logs.
These logs and scenarios are designed to be real-ish, they're simpler and given that the entire data set covers 1hr all malicious activity is conducted on a condensed time frame.
The structure of the fake website being targeted is a basic online store with browsing, purchasing and account functionality.
Flag formats will not be in the standard DUCTF{} format, as an example the flag for this challenge is IAgreeToTheTeasAndTheSeas
Feedback is very highly encouraged.