Forum Widgets
Recent Discussions
Microsoft Sentinel: SOAR Demonstrate your skills
Hello all, I am struggling on question 6 where I feel like I have the Condition portion setup correctly but it won't say that it is completed. The condition is supposed to be within the For Each loop correct? The Condition parameters is: AND - Body Risk = High
Kusto Query Language: Ep.7 β String Processing Q4
I am stuck in Q4, and it seems that the query matches the requirements of the question and generates exactly what it is asking for. However, the lab does not accept the full substring command used in the query as the correct answer. Please let me know if I am missing anything. Thank you.Incident Response Suspicious Email Part 2 last Question
Hello I am getting slowly crazy here. The last question of Suspicious Email Part 2 asks to find the FQDN of the threat actor within the output that in the previous questions we had to deobfuscate after unpacking the vbaProject.bin using Oletools and / or a script. I created a script to convert Decimal to ASCII and the Hash in the end was matching and I solved the 2nd to last question. However afterwards it says the FQDN should be in the file I just created. This is not the case. I checked the file with strings and even read the whole file line by line to find any FQDN. The only sites in there are apache and zeustech which are only in there because ApacheBench got used in the Malware. There is no trace of any further FQDN. So I'm effectively stuck there because I can't find any worthwhile Info. Does anyone have any Idea? Or is this Lab just broken? I redid the whole Lab from scratch 2 times already. Both times I wrote a new Script aswell and everytime the Hash is correct but there is no FQDN to be found anywhere in there.
Ep 7 Post Exploitation With Metasploit
Iβm having issues with q9 and donβt know why what Iβm currently doing isnβt working. Iβve ran SharpUp.exe and found a vulnerable binary location (C:/Windows/Important-Service/Important-Service.exe). From my original meterpreter session, I have uploaded a new msfvenom payload called Important-Service.exe to the location above, with hope to spawn a new shell on another listener. Nothing is happening when I start the service or execute the exe. Any pointers with this one? I feel that what I am doing is correct and should work.
Incident Response: Suspicious Email β Part 2 -Help Needed.
Hi, I'm currently trying to complete this lab but I'm stuck on step 10. I have tried to use the different tools at hand but I'm struggling to extract the VBA and getting the binaries for it. Any help would be much appreciated. Kind Regards, jjdeno99
Modern Encryption: Demonstrate Your Skills
Hello, I am a little stuck on Q3 for this lab and would really appreciate any help I can get. So I have followed the steps as required by encrypting the file - plaintext_1.txt and set the password as per steps on the actual file itself - plaintext_1.txt. However after setting the password I am not getting token_1.txt appearing in the Lab-Files folder. What am I doing incorrectly?
