Recommended VPS Providers:
Low commitment VPS with many locations:
Cheap VPS for long term use:
Special network / bandwidth connectivity:
Trebek, by Under the wire can be found at underthewire.tech
!!! WARNING: Spoilers !!!
Trebek 1 -> 2
Copy Get-WinEvent -Path .\Security.evtx -Verbose | Where-Object {$_.Id -eq 4699} | Select -ExpandProperty message Read the value from the or use findstr Command
Trebek 2-> 3
Trebek 3-> 4
Copy Get-WinEvent -path .\Security.evtx | where {$_.id -eq 4624 -and $_.message -match “Account Name:\s+Yoda”} | select -expandproperty message Trebek 4-> 5
Copy dir C:\windows\prefetch\MSACCESS* Trebek 5-> 6
Copy get-childitem -path “HKLM:\Software\Microsoft\Windows\CurrentVersion\” Read the Run key value
Trebek 6-> 7
Copy cd C:\Program Files (x86)\Adobe
Get-ChildItem *.dll -Recurse | group Extension -NoElement Trebek 7 -> 8
Copy Get-ChildItem -Path “HKLM:\Software\Microsoft\Windows NT\Curr entVersion\Image File Execution Options” Trebek 8 -> 9
Copy get-content -encoding Byte -totalcount 8 -path .\Clone_Trooper_ data.pdf Trebek 9 -> 10
Copy get-WmiObject -class Win32_Share Trebek 10 -> 11
Copy get-winevent -path .\Security.evtx | Where {$_.id -eq 4722} | Select -ExpandProperty message Trebek 11 -> 12
Copy get-winevent -path .\Security.evtx | Where {$_.id -eq 4720} | Select -ExpandProperty message Trebek 12 -> 13
Copy get-winevent -path .\Security.evtx | Where {$_.id -eq 4720} | Select -ExpandProperty message Trebek 13 -> 14
Copy get-aduser -Filter * -Properties City | Select -Property Nam e,City | Select -ExpandProperty City Trebek 14 -> 15
Copy get-aduser -Filter * -Properties City | Select -Property Nam e,City | Select -ExpandProperty City
[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String(“blahblah”)) Conclusion
Special thanks to Fernando Tomlinson @Wired_Pulse for creation of this game.
