Letsdefend on harsh giri

Letsdefend on harsh girihttps://quixtalia.in/tags/letsdefend/Recent content in Letsdefend on harsh giriHugo -- gohugo.ioen-usFri, 20 Mar 2026 00:00:00 +0000Remote Access Regrethttps://quixtalia.in/p/remote-access-regret/Fri, 20 Mar 2026 00:00:00 +0000https://quixtalia.in/p/remote-access-regret/<ul> <li>scenerio</li> </ul> <p><img alt="Image 1" class="gallery-image" data-flex-basis="607px" data-flex-grow="253" height="470" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/1.png" srcset="https://quixtalia.in/p/remote-access-regret/1_hu_698c534a5940ecfb.png 800w, https://quixtalia.in/p/remote-access-regret/1.png 1190w" width="1190"></p> <p><img alt="Image 2" class="gallery-image" data-flex-basis="577px" data-flex-grow="240" height="242" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/2.png" width="582"></p> <p>we get raw file</p> <ul> <li>extract this using</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">dd if=intelvol.raw of=output.img bs=512 </span></span><span class="line"><span class="cl">sudo mkdir /mnt/rar_image </span></span><span class="line"><span class="cl">sudo mount -o loop output.img /mnt/rar_image </span></span></code></pre></td></tr></table> </div> </div><p><img alt="Image 3" class="gallery-image" data-flex-basis="1073px" data-flex-grow="447" height="268" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/3.png" srcset="https://quixtalia.in/p/remote-access-regret/3_hu_6e605559b2fd8216.png 800w, https://quixtalia.in/p/remote-access-regret/3.png 1199w" width="1199"></p> <ul> <li>local AnyDesk ID</li> </ul> <p><img alt="Image 4" class="gallery-image" data-flex-basis="461px" data-flex-grow="192" height="599" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/4.png" srcset="https://quixtalia.in/p/remote-access-regret/4_hu_f9e285b487694eca.png 800w, https://quixtalia.in/p/remote-access-regret/4.png 1151w" width="1151"></p> <ul> <li>open this file in db browser</li> </ul> <p><img alt="Image 5" class="gallery-image" data-flex-basis="6289px" data-flex-grow="2620" height="39" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/5.png" srcset="https://quixtalia.in/p/remote-access-regret/5_hu_afe321e631c76e32.png 800w, https://quixtalia.in/p/remote-access-regret/5.png 1022w" width="1022"></p> <ul> <li> <p>first website Margaret visited before encountering the scam</p> </li> <li> <p>domain of the initial malicious redirect that led Margaret to the scam page</p> </li> </ul> <p><img alt="Image 6" class="gallery-image" data-flex-basis="584px" data-flex-grow="243" height="509" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/6.png" srcset="https://quixtalia.in/p/remote-access-regret/6_hu_f88189fb129544fa.png 800w, https://quixtalia.in/p/remote-access-regret/6.png 1239w" width="1239"></p> <ul> <li>Examining the cached HTML file, what phone number was displayed to the victim</li> </ul> <p><img alt="Image 7" class="gallery-image" data-flex-basis="530px" data-flex-grow="220" height="211" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/7.png" width="466"> <img alt="Image 8" class="gallery-image" data-flex-basis="408px" data-flex-grow="170" height="851" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/8.png" srcset="https://quixtalia.in/p/remote-access-regret/8_hu_b8ff23ff3e0f7e3e.png 800w, https://quixtalia.in/p/remote-access-regret/8.png 1449w" width="1449"></p> <ul> <li>AnyDesk ID of the remote machine</li> <li>alias of scammer</li> </ul> <p><img alt="Image 9" class="gallery-image" data-flex-basis="610px" data-flex-grow="254" height="514" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/9.png" srcset="https://quixtalia.in/p/remote-access-regret/9_hu_ab491867fe0dff85.png 800w, https://quixtalia.in/p/remote-access-regret/9.png 1308w" width="1308"></p> <ul> <li>total session duration in seconds</li> <li>convert hourly duration to second 4052 sec</li> <li>first file stolen from Margaret’s Desktop</li> <li>How many bytes total exfiltrated</li> </ul> <p><img alt="Image 10" class="gallery-image" data-flex-basis="359px" data-flex-grow="149" height="656" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/10.png" srcset="https://quixtalia.in/p/remote-access-regret/10_hu_2b8ed664fad3b6cf.png 800w, https://quixtalia.in/p/remote-access-regret/10.png 982w" width="982"></p> <ul> <li>total URLs were visited during the browsing session on the day of the incident</li> </ul> <p><img alt="Image 11" class="gallery-image" data-flex-basis="584px" data-flex-grow="243" height="509" loading="lazy" sizes="(max-width: 767px) calc(100vw - 30px), (max-width: 1023px) 700px, (max-width: 1279px) 950px, 1232px" src="https://quixtalia.in/p/remote-access-regret/11.png" srcset="https://quixtalia.in/p/remote-access-regret/11_hu_f88189fb129544fa.png 800w, https://quixtalia.in/p/remote-access-regret/11.png 1239w" width="1239"></p> <ul> <li>it is 10</li> </ul> <hr>