Forum Widgets
Recent Discussions
CSP Hash Incorrect Despite Correct Script and Hash (CSP Lab Issue?)
Hello all! I'm working on Introduction to Content Security Policy (CSP) Lab: Content Security Policy: Hashes exercise that requires generating the correct hash for an inline script like: <script>document.body.style.backgroundColor = "#ADDADE";</script> I’ve used both CyberChef and the SHA-256 JavaScript snippet to generate hashes like: sha256-+BWzTX+GJrse8ifajvHg6QFPdmE+JjXYmrYBn+kLITo= sha256-Msn/9dD1zBN7LGZyQyglKL9JMVyCsVqvZ7MAkmm/BpU= I've accounted for trailing newlines and whitespaces (CRLF, LF), used View Source (not dev tools), and verified that I'm hashing the exact script content. However, the lab continues to mark the answer as “incorrect.” Is this likely a glitch in the lab setup, or is there a common mistake I might be overlooking? Would appreciate any help or confirmation from someone who’s completed this lab or run into a similar problem
ICSE / Wireshark final exercice : how to rebuilt the Pdf?
Hi everyone, in the last exercise, I managed to rebuilt the pdf file and it is perfectly readable, however the md5 hash generated from it keeps on been wrong. Is there anything special to consider when rebuilding the file? My method for rebuilting it was to remove top an bottom part that are obviously not part of the pdf, and also the newline character at the end of the last line, then concatenate everything together with a cat command. Thanks in advance for any hint.
It seems correct answer is not accepted.
I think my answer is correct, however, it is not accepted. Here is the question: Use replace_string() to remove carriage returns (\r) and newline (\n) literals from the SyslogMessage column. Provide your completed replace_string function as the answer. Here is my answer: replace_string(SyslogMessage, "\\n\\r", "") Whole query: Syslog | extend CleanMSG = replace_string(SyslogMessage, "\\n\\r", "") I might be missing something here, however, can't figure out. Appreciate any hints.
Human Connection Lab 7 - AD - password not working
Good afternoon, I've been trying to work through Lab 7 AD for a very long time. However, the password I discovered on the WS01 box (using SharpUp) does not work for the username it also provides. I am unable to login with it at all - is this because of the apostrophe in the password? I have tried to use escape characters, quotes, single quotes and escape chars. Help Me, Obi-Wan, you're my only hope.Custom Lab creation AWS EC2 image issue
Hi, I am trying to create a custom lab in AWS EC2 Ubuntu but our works AWS account blocks the security group for inbound rules for SSH 22 and RDP 3389, so get to the point were I can save the EC2 image to an AMI for the lab. The other option for connecting to the lab is to use Web http port 80. Are the any helpful custom lab guides for helping set up an AWS EC2 with a web app? I was thinking a browser as the web app would be OK as the lab would involve looking at static web pages. TIA Rob
Modern Encryption: Demonstrate Your Skills
Hi there, I have completed all questions except for Q.10 which involves the decryption of an RSA-encrypted file. To the best of my knowledge, a private key is required to decrypt this asymmetrically encrypted file, but I only see a public "public.pem" key in the "~/Desktop/Lab-Files" directory. Am I missing something? I have completed all the other questions so I believe all necessary files/tokens should have already been generated. Any help would be much appreciated. Many thanks, Pete
Threat Research: Dependency Confusion Lab
Hello Community, I am almost finished Threat Research: Dependency Confusion Lab, but I am stuck with the last question "What is the token found in /root/token.txt on the target server?". I have followed all instructions, setup listener, up to python reverse shell (setup.py) but at the end, I don't know how to access token.txt file. Any help would be appreciated. Below are the screenshots from terminal listener and terminal where all commands are executed. Thanks so much Octavio
