I attended part of the recent PowerShell + DevOps summit, and one of the sessions was from Fernando Tomlinson (@wired_pulse and @underthewire_ps) on incident response. He talked about a number of things, but one was his work at UnderTheWire.tech, where there are PowerShell training items.
One section here is on War Games. These are challenges, where you need to use PowerShell to progress through the levels of the game. It’s a chance to practice some knowledge, or maybe look things up and learn. I decided to try one of these.
Century
The first war game is Century. Here you join a Slack server to get credentials, and it’s also where you can ask for help. Once you join, you have an initial set of credentials to connect to a host through SSH. If you’ve never done this, it’s a chance to learn.
For me, I knew Win10 had added this, and I hadn’t actually installed PuTTy on this machine, so I tried this:
ssh century1@century.underthewire.tech
This prompted me for a password, which I had from Slack. From here, I needed to go through the next step in the wargame. In this case, the 1st level looked like this:
Easy enough, I need information on PowerShell that is installed. If you know how to do this (I did), it’s easy. I copied the build number, and then used “exit” to disconnect. I opened a new SSH connection, with the century2 user and the build number as the password.
It worked, and I continued through the challenge.
Thoughts
This was an interesting test of how to use PowerShell. I don’t do a lot of desktop admin type stuff, so I had to look up some items. I had to type carefully (or copy/paste carefully) and read. For example, one item said to look in a folder for a file, but I was looking at the list of items in the root, not as folders. Slightly embarrassed myself in asking for help on this one.
Overall, these weren’t too hard, but I enjoyed the process of working through the game and learning something new. Not a bad way to play with some PoSh.