Forum Widgets
Recent Discussions
A Letter to Santa
Hello everyone, Wrong time of year, I know.. I've been having a go at the Christmas challenge collection and stuck on "A letter to Santa". I've managed to get code execution as user but struggling with the priv esc. I've found the cron job which runs chmod 600 * as root in /etc/letters. Is it possible to use chmod to priv esc? I've tried creating a file called '--reference=file' and created another file called 'file' with 7777 privileges - resulting in anything in directory having suid bit set. Tried copying bash and creating a symlink, but with no luck. Am I going down a massive rabbit hole with this? Or missing some obvious plain text creds somewhere 😂Hack Your First Web App: Ep.6 - Hydra
I am stuck on Question 7 which instructs you to use hydra to brute force a password. I was able to use it correctly on Ep. 5. I have tried using the same cmd and changing to the login page but it returns 16 incorrect matches rather than one. hydra -l test -P /usr/share/wordlists/custom/ozone-wordlist.txt ozone-energy.bitnet http-form-post"/login:username=^USER^&password=^PASS^&Login=Login:Invalid Password"
GuardDuty: Demonstrate Your Skills
Has anyone had any issues with the GuardDuty lab. GuardDuty: Demonstrate Your Skills - Labs - Immersive In task no.4 It asked you: In order to encrypt findings being exported to S3, GuardDuty requires a KMS key The KMS key policy must give the required permissions to the GuardDuty service principal. I have amended the policy as followed. "Version": "2012-10-17", "Statement": [ { "Sid": "Allow GuardDutytoencryptfindings", "Effect": "Allow", "Principal": { "Service": "guardduty.amazonaws.com" }, "Action": [ "kms:GenerateDataKey", ], "Resource": "*" The lab isn't progressing past this. Am I doing something wrong or is it a bug in the lab. Any help is appreciated, Thanks I
Snort Rules: Ep.9 – Exploit Kits
I am pulling my hair with question number 8 Create a Snort rule to detect the third GET request in the second PCAP file, then submit the token. This one should do it but it is not working. alert tcp any any -> any any (msg:"detect the third GET request"; content:"e31e6edb08bf0ae9fbb32210b24540b6fl"; sid:1000001) I tried so many rules base on the first GET header and still unable to get the token. Any tips?
CSP Hash Incorrect Despite Correct Script and Hash (CSP Lab Issue?)
Hello all! I'm working on Introduction to Content Security Policy (CSP) Lab: Content Security Policy: Hashes exercise that requires generating the correct hash for an inline script like: <script>document.body.style.backgroundColor = "#ADDADE";</script> I’ve used both CyberChef and the SHA-256 JavaScript snippet to generate hashes like: sha256-+BWzTX+GJrse8ifajvHg6QFPdmE+JjXYmrYBn+kLITo= sha256-Msn/9dD1zBN7LGZyQyglKL9JMVyCsVqvZ7MAkmm/BpU= I've accounted for trailing newlines and whitespaces (CRLF, LF), used View Source (not dev tools), and verified that I'm hashing the exact script content. However, the lab continues to mark the answer as “incorrect.” Is this likely a glitch in the lab setup, or is there a common mistake I might be overlooking? Would appreciate any help or confirmation from someone who’s completed this lab or run into a similar problem
Threat Research: Dependency Confusion Lab
Hello Community, I am almost finished Threat Research: Dependency Confusion Lab, but I am stuck with the last question "What is the token found in /root/token.txt on the target server?". I have followed all instructions, setup listener, up to python reverse shell (setup.py) but at the end, I don't know how to access token.txt file. Any help would be appreciated. Below are the screenshots from terminal listener and terminal where all commands are executed. Thanks so much OctavioFoundational Static Analysis: API Analysis step 10
Step 10 of this lab says to go to the command line and run xelfviewer. In my virtual machine, that is not found. I see a directory for the building of it, but I don't find the binary anywhere to be able to execute it, and I don't have permissions to be able to do the build. Anyone have any suggestions about that?
