Forum Widgets
Recent Discussions
Trick or Treat on Specter Street: Ghost of the SOC
Hi, I am being very blind here but i am struggling so a hint would be great. I am at Q3 trying to find the username the Glitch Geist executed the script under. The alert i have found in kibana relates to a powershell issue, but everything i see around that alert suggests the user.name is Administrator which is not accepted as the answer. Also tried this which i have seen S-1-5-18 and what i believe it relates to Local System. Any nudges in the right direction would be appreciated.Trick or Treat on Specter Street: Ghost of the SOC
I know it's one of the challenge labs but I'm fairly sure I'm missing something extremely straight forward, it's 100 point difficulty 4.... Someone help me please! I'm banging my head against a wall with this one! If anyone can point me in the right direction of the specific persistence mechanism I think that would be a start Q8. Use the service account to delete the spirit's persistence mechanism. The methods you employ to gain access to this account are up to you.Weekly Welcome
Welcome to the new members! StuFow AW Azoanl cahitbo82 camelopardalis Shandrea IanMacUK SteveA Zeusie Darhon drivashuete ibeb1 yuscodguy NickHenson IzzyJones Scottie007 breschdleng wdarli1 payal_vala LukaszSIEMIENSKI Blueeyy Alejandra VictorL steadysystematic gazeck Bowders dotpotit Prezybliss319 rajat sanjughasal Getting started? How to Get Started in the Community | Immersive Community - 1012 Check out our just-released challenge series: Trick or Treat on Specter Street with upcoming Labs Live walkthrough of one of the labs. Want to ask a question, or maybe you can help answer someone's: Help Have fun!
Burp Suite Basics: Intruder - Stuck on missing password.txt
Hello community, I'm stuck in lab https://mercedes-benz.immersivelabs.online/v2/labs/burp-basics-intruder/series/burp-suite. The attack to carry out is about a brute-force guess on mfogg1's password using the intruder. The briefing states: Brute force the login page using the password.txt list against the user mfogg1. I'm missing that password.txt file, where the heck is it? I carried out an intruder attack (Cluster bomb) using well known passwords from /usr/share/wordlists/metasploit/burnet_top_1024.txt without success. Even worse, testing those 200 attacks (there are only 200 passwords in that file), tooks quite a considerable time. I must have missed something about the location of that obscure password.txt file. I'm stuck. Perhaps someone can shed a light on this. Thanks in advance, Wolfgang
Incident Response: Suspicious Email – Part 3
Hey all I am stuck at the ImmersiveLab Incident Response: Suspicious Email – Part 3 - Q3. "The malware persists through reboots. What is the registry key value’s name that results in the malware executing automatically?" There is an entry on HKCU Run for the Administrator. Am I on the right track? No matter what I enter it does not accept it. kr
ICS Malware: Triton ModuleNotFoundError: No module named 'pefile
when running this command: python3 python_exe_unpack.py -i /home/iml-user/Desktop/Lab-Files/trilog.exe -o /home/iml-user/Desktop/Lab-Files Traceback (most recent call last): File "python_exe_unpack.py", line 14, in <module> import pefile ModuleNotFoundError: No module named 'pefile' Tried pip3 install pefile but failed. Please advise.Welcome to our newest members!
We missed a week or so of welcomes recently, so let's shout out you all at once 😁 peabody SecureMongoose EirikLothbrook ansghof RobtCBe11GPS Øgrav qamishan petercs cf123 CKenobi smithy111999 SaliouDiallo Shaina RetroFavori reddarts uht23 schroeder travis_sk SetecAstronomy emocookie12 George_C MKhouri Test 3ichie3ich h4lpy JJAlves gamerayers Bolurin victory jjdeno99 pwn6394 Sw33p struc leowjunwei asif tonysena BottledWater ObiKahn Anju Getting started? How to Get Started in the Community | Immersive Community - 1012 We run Labs Live, and then put the recordings up for you to watch: Labs Live: Reverse Engineering | Immersive Community - 2923 Want to ask a question, or maybe you can help answer someone's: Help Otherwise... Welcome!Immersive lab Ghidra, Ep2.
In This lab I have answered all of the questions except question 4 - "Using the function graph on the main function, what is the starting address of the last basic block?" It is not clear which block the "last" one is. I have entered the starting address of all basic blocks but none are correct. Is there some secret to this question that I haven't discovered yet?
