For the last part, after setting up the D&R rule and running the command "vssadmin delete shadows /all" and then "whoami", the result was as followed:
PS C:\Windows\system32> whoami
Shell exited
But I decided to try another time and repeat the shell process. On my second attempt, it worked the way it was supposed to; hanging and failing to return anything from the whoami command.
So my question is, during my first attempt why was I exited from the shell?
Thanks for the lab and the blog, it was truly educational, I'm going to mess around to learn more.
So you want to be a SOC Analyst? Part 4
Hi Eric, Just wanted to write and ask if you can link Part 4 to your 3rd article to be able to find it more easily.
For the last part, after setting up the D&R rule and running the command "vssadmin delete shadows /all" and then "whoami", the result was as followed:
PS C:\Windows\system32> whoami
Shell exited
But I decided to try another time and repeat the shell process. On my second attempt, it worked the way it was supposed to; hanging and failing to return anything from the whoami command.
So my question is, during my first attempt why was I exited from the shell?
Thanks for the lab and the blog, it was truly educational, I'm going to mess around to learn more.
hello Eric, how exactly do you download and execute Florian’s ransomware simulator ?
I am having a hard time with that, Thanks for the blogs
hello Eric, how exactly do you download and execute Florian’s ransomware simulator ?
I am having a hard time with that, Thanks for the blogs