challenges
75 TopicsImprobable Maze
The Maze Challenge consists of a series of eight “mazes” of increasing complexity based on real-world-inspired cyber attack scenarios, testing a variety of offensive skills, such as web, infrastructure, Active Directory, scripting, and binary exploitation. This lab will challenge your web hacking skills by presenting a maze where the walls are not physical barriers but rather vulnerabilities in the web application itself. You must identify and exploit these web-based weaknesses to effectively bypass the maze walls and successfully navigate to the end. Need a hint to help you escape this maze? SabrinaKayaci and StefanApostol will be on hand in this webinar to answer your questions and point you in the right direction. To locate the Maze Challenge navigate to Exercise > Challenges & Scenarios > Maze Good Luck!187Views1like2CommentsIntroduction to Metasploit: Ep.9 – Demonstrate Your Skills
Please help me out here. I managed to brute for to Apache Tomcat Manager using: auxiliary/scanner/http/tomcat_mgr_login QCC:Qlogic66 When i try to log in to site it is not working http://10.10.10.10:9090/manager/html I need to spawn a user level shell on the victim machine using this creds, not sure why they are not working. I need to use any of these exploits and they require a username and password : 1. exploit/multi/http/tomcat_mgr_deploy 2009-11-09 2. exploit/multi/http/tomcat_mgr_upload 2009-11-0934Views0likes4CommentsStuck On Secure Spring Developer (Beginner) URL Parameters Challenge
The lab is around trying to mediate a vulnerability by changing a GET request to a POST request in order to keep sensitive login information out of the URL params. But basically I don't know how I need to go about changing the code(apart from changing "GET" to "POST" on the login form and in a backend method). I'm at a total loss on this one so I'd really appreciate some guidance or an example. I wasn't sure if I should also be making changes to the mapping on the controller (although this isn't mentioned in the lab). These are the changes I have made so far <form th:action="@{/login}" method="POST"> protected LoginProcessingFilter(AuthenticationManager authenticationManager) { super(new AntPathRequestMatcher("/login", "POST")); setAuthenticationManager(authenticationManager); setAuthenticationSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/home")); } Thanks in advance for any assistanceSolved23Views0likes2CommentsHack Your First Web App: Ep.4 Missing Cookie
I'm stuck on the last question of Hack Your First Web App: Ep.4. I have repeated the XSS over and over again successfully, but it does not give me a cookie called "xss-token". It gives me a cookie with some letters and numbers, and those aren't the answer to the question. What can I do from here?Solved126Views0likes3CommentsBroken Maze
The Maze Challenge consists of a series of eight “mazes” of increasing complexity based on real-world-inspired cyber attack scenarios, testing a variety of offensive skills, such as web, infrastructure, Active Directory, scripting, and binary exploitation. Exploiting Maze Image Generator This lab presents a unique attack surface by tasking you with exploiting the system responsible for generating the maze's visual representation. Your goal is to identify vulnerabilities within the image generation process to manipulate it in a way that grants you access to the hidden token. 🏅 Exclusive Community Challenge Coins are available to any community member who escapes this maze. Need a hint to help you escape this maze? SabrinaKayaci and StefanApostol will be on hand in this webinar to answer your questions and point you in the right direction. To locate the Maze Challenge navigate to Exercise > Challenges & Scenarios > Maze Good Luck!114Views1like6CommentsServer-Side Request Forgery Web App Hacking
I've been banging my head against this for a few hours now and worked my way all the way through to step 7. I am not able to retrieve /tmp/token.txt. I've tried modifying the "url" param key and found it throws a 500 for anything I've tried other than "url". I've tried modifying the "url" value to use directory traversal and "///tmp/token.txt", "/tmp/token.txt". Still no luck. I've also tried using the original url paths and the bypass I used to view the config file for the bot and I get 404's back. I think the lab could have an issue? I have screenshots but didn't want to share them unless asked to not reveal any answers. Any help is appreciated.Solved36Views0likes2CommentsAdvanced CTF Challenge: Hardened Maze
Hi Team, I found file upload options on one port but get information: "For authorized personnel: Upload a critical security patch." I tried with many extension with curl and POST method with -F "exe_file=@filename" Unfortunately, it does not accept any of my combinations. You can give us some clue as to how to approach this 🙂Solved206Views1like9CommentsThe Maze Challenge
Put your Offensive Security skills to the ultimate test in eight of the most challenging offensive labs ever assembled by the Immersive team - welcome to The Maze! Navigate a series of eight “mazes” of increasing complexity based on real-world-inspired cyber attack scenarios, testing a variety of offensive skills, such as web, infrastructure, Active Directory, scripting, and binary exploitation. Best of all, taking part gives you a fantastic opportunity to win exclusive challenge coins and be recognized in our Cyber Resilience Awards during Cyber Awareness Month! Do you think you have what it takes to escape The Maze? Try it Now: Maze Want to get a head start on the competition? Join the fiendish minds behind The Maze in the Immersive community, Tuesday 19th August, for a Live walkthrough of the first lab in the series “The Improbable Maze” and providing hints and tips that will help you to escape some of the other mazes. Register Now: Labs Live595Views2likes9Comments