Forum Discussion
CVE-2024-5910 (Palo Alto Expedition) – Defensive
Hello - I'm a bit stuck on
CVE-2024-5910 (Palo Alto Expedition) – Defensive
I cannot see an obvious answer to
After attempting to reset the admin credentials, which endpoint did the attacker attempt to connect to next?
any tips on how to complete?
I'll do the offensive one now just in case that gives me something to pivot off.
thanks - gus
Hi GusC
Each time the attacker attempts to reset the admin password (using the PHP file identified in task 2), they access the same endpoint immediately afterwards - which endpoint is it?
Hope that helps!
4 Replies
- BarnyStewart
Immerser
Hi GusC
Each time the attacker attempts to reset the admin password (using the PHP file identified in task 2), they access the same endpoint immediately afterwards - which endpoint is it?
Hope that helps!- GusC
Bronze III
ok got it thanks - I just didn't expect that answer, I was looking for a hostname of some sort.
- TillyCorless
Community Manager