BOTSv1 1.1: Scanner Name (5 pts)
Find the brand name of the vulnerability scanner used against imreallynotbatman.com.
BOTSv1 1.2: Attacker IP (5 pts)
Find the attacker's IP address.
BOTSv1 1.3: Web Server IP (5 pts)
Find the IP address of the web server serving "imreallynotbatman.com".
BOTSv1 1.4: Defacement Filename (10 pts)
Find the name of the file used to deface the web server serving "imreallynotbatman.com".Hints:
- It was downloaded by the Web server, so the server's IP is a client address, not a destination address.
- Remove the filter to see all 9 such events. Examine the uri values.
BOTSv1 1.5: Domain Name (10 pts)
Find the fully qualified domain name (FQDN) used by the staging server hosting the defacement file.Hints:
- Examine the 9 events from the previous challenge. Look at the url values.