SOC Simulator 1/5 - Vecteur initial

forensics logs FCSC 2024 solved on

star star

Description

During the summer of 2022, an operator of vital importance (OIV) alerts the ANSSI because it believes it is the victim of a major cyber attack. The OIV’s security operation center (SOC) sends an export of its system collection over the last few days. Your job is to understand the attacker’s actions.

Note: The 5 parts are numbered in the chronological order of the attack, but it is not necessary to solve them in order.

Find the name of the vulnerability and the UTC time of the first attempt to exploit it.

Flag format (case insensitive): FCSC{EternalBlue|2021-11-27T17:38}

This challenge has been split into five parts:

Files

  • soc_events.zip
    481.70 MiB – b276816ec987a8c2874cb2f3ca18a70bf0857dcbe4d766d07dbf7bd256890084

Author

ribt

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags
2025-07-02
_asta_.
🇫🇷