Trick or Treat on Specter Street: Ghost of the SOC
I know it's one of the challenge labs but I'm fairly sure I'm missing something extremely straight forward, it's 100 point difficulty 4.... Someone help me please! I'm banging my head against a wall with this one! If anyone can point me in the right direction of the specific persistence mechanism I think that would be a start Q8. Use the service account to delete the spirit's persistence mechanism. The methods you employ to gain access to this account are up to you.
Trick or Treat on Specter Street: Ghost of the SOC
Hi, I am being very blind here but i am struggling so a hint would be great. I am at Q3 trying to find the username the Glitch Geist executed the script under. The alert i have found in kibana relates to a powershell issue, but everything i see around that alert suggests the user.name is Administrator which is not accepted as the answer. Also tried this which i have seen S-1-5-18 and what i believe it relates to Local System. Any nudges in the right direction would be appreciated.
CVE-2021-22205 (GitLab) – Defensive
Hello, I'm going through some old labs I haven't managed to complete. This one's a bit of a beast. I can get a reverse shell, I can see I am git. however I cannot for the life of me Identify the NGINX log files. this doesn't return anything from the shell or when I am shh'd into the gitlab server find / -type f -name "gitlab_access.log" 2>/dev/null and this isn't returning anything from either the shell or ssh session iml-user@defsec:~/Desktop$ sigmac -t grep sigma.yml grep -P -i '^(?:.*(?=.*POST)(?=.*499))' any clues gratefully received ;)Burp Suite Basics: Intruder - Stuck on missing password.txt
Hello community, I'm stuck in lab https://mercedes-benz.immersivelabs.online/v2/labs/burp-basics-intruder/series/burp-suite. The attack to carry out is about a brute-force guess on mfogg1's password using the intruder. The briefing states: Brute force the login page using the password.txt list against the user mfogg1. I'm missing that password.txt file, where the heck is it? I carried out an intruder attack (Cluster bomb) using well known passwords from /usr/share/wordlists/metasploit/burnet_top_1024.txt without success. Even worse, testing those 200 attacks (there are only 200 passwords in that file), tooks quite a considerable time. I must have missed something about the location of that obscure password.txt file. I'm stuck. Perhaps someone can shed a light on this. Thanks in advance, WolfgangImprobable Maze
The Maze Challenge consists of a series of eight “mazes” of increasing complexity based on real-world-inspired cyber attack scenarios, testing a variety of offensive skills, such as web, infrastructure, Active Directory, scripting, and binary exploitation. This lab will challenge your web hacking skills by presenting a maze where the walls are not physical barriers but rather vulnerabilities in the web application itself. You must identify and exploit these web-based weaknesses to effectively bypass the maze walls and successfully navigate to the end. Need a hint to help you escape this maze? SabrinaKayaci and StefanApostol will be on hand in this webinar to answer your questions and point you in the right direction. To locate the Maze Challenge navigate to Exercise > Challenges & Scenarios > Maze Good Luck!
