Solved: Re: Cisco Endpoint Security. Attacking a MySQL Database.

Volger · ‎06-26-2024

I have a problem with the Cisco Endpoint Security course. In the “4.2.8. Lab — Attacking a MySQL Database” I need to open pcap file via WireShark by browse /home/analyst/ directory and search for lab.support.files. Before that I got VM “Cybersecurity_Lab_VM_Worksation_20230210”, but I can´t see any files or directories in /home/analyst/. When I navigate there via “Open” menu of WireShark - /home/analyst/ is empty.
Via terminal I can´t check /home/analyst/ content as I don´t have the right to navigate to this folder as user “cisco” and I can´t change a folder owner as I don´t know the superuser password.
What am I doing wrong and where can I get this pcap file for the lab?

Kenneth van der Maazen · ‎07-16-2024

it worked, I used this command: sudo chown -R cisco /home/analyst and the password for user cisco is password

View solution in original post

Volger · ‎06-28-2024

Changed directory owner to "cisco" user via sudo command and then all work fine.

So, attached VM doesn't match the lab description.

Kenneth van der Maazen · ‎07-16-2024

changing the directory owner requires a password so it doenst work for me

Volger · ‎07-17-2024

That is right - if you use "sudo" command then you will be asked for a password, but this is a current user password (the user you are logged in), so in a case with this VM for user "cisco" it will be the password "password".

Kenneth van der Maazen · ‎07-16-2024

it worked, I used this command: sudo chown -R cisco /home/analyst and the password for user cisco is password

Kenneth van der Maazen · ‎07-16-2024

the other solution would be to just use the analyst account when you open the virtual machine