Forum Widgets
Recent Discussions
This dashboard version is missing.
Was trying to do the threat hunting cowrie honeypot but when trying to access the 'Tango honeypot intelligence' part of splunk it told me the dashboard version was missing and all data and results are not showing. I have been able to complete some of the questions but without the dashboard getting past question 5 seems difficult, any workaround or fixes? thanks.
Web App Hacking (Lab series): CVE-2022-2143 (iView2)
Hello all, I have spent way to long trying to complete the iView2 exploit. I was expecting a text box on the page for command entry, but I cannot get anything like that. I have been able to send a post request to the NetworkServlet page using the provided exploit string and I know that the test.jsp is created because I can use the query parameter ?cmd=whoami and I get the mysqldump output showing "nt authority \system". I cannot get any other query parameters to execute, even simple ls or dir commands. I found y4er's blog post and everything I see in terms of the syntax of the exploit appears to be identical to the lab. Any directions/suggestions/hints would be greatly appreciated! Thanks in advance. J
Web server brute force authentication: Ep. 1 - Compromising an account
Pentesting is not part of my job. If I tried using any of these tools in the real world I would be fired or put in jail. With that as an introduction ... I have no idea what I'm supposed to do in Authentication & Authorization Flaws -> Web server brute force authentication: Ep. 1 - Compromising an account
Google Cloud Basics: Ep.7 – Demonstrate Your Skills - Task 10
Hi Team, I have been stuck on this lab for like 24hrs and I am pretty sure I am doing the right thing as per knowledge. Is there a chance this lab is broken as the lab doesn't auto-complete at all ? I assign and grant the storage object viewer permissions on IAM for the new Service Account but it doesn't apply at all .Credential Access: Using Hydra
Hi team, I was wondering whether anyone can please help me, as I'm stuck on Q10. So the part I'm stuck on is trying to figure out how to put a command together to use - unix_users.txt and rockyou.txt to brute force an account that can log onto the web application for port 8000 Any suggestions are more than welcome! Many thanks.Active Directory Basics: Demonstrate Your Skills
Hello, I'm a little confused as to Q10 of this lab and sincerely hope I wasn't the only one until somebody figured it out? As with the question, I have gone into Server Manager and followed the instructions by adding COMP-HYDRA to the domain but getting the error message below? Any help would be greatly appreciated!Modern Encryption: Demonstrate Your Skills
Hello, I am a little stuck on Q3 for this lab and would really appreciate any help I can get. So I have followed the steps as required by encrypting the file - plaintext_1.txt and set the password as per steps on the actual file itself - plaintext_1.txt. However after setting the password I am not getting token_1.txt appearing in the Lab-Files folder. What am I doing incorrectly?
