challenges
38 TopicsHelp with ELF file entry point in lab
Hi, I'm currently stumped on this lab in particular on the last question: https://us.immersivelabs.com/v2/labs/elf-execution-structure/series/computer-architecture It's asking for the "entry point", which I had assumed based on the image output was 0x4048c5 (it explicitly even says this in the image near the top!), but that's incorrect, as well as answers regarding the PhysAddr addresses. It had gotten to the point where I'm so stumped I tried putting in every other answer I could think of, like the type of program header or some of the names in the segment sections to no avail. The question itself is very vague (what else could be the 'entrypoint'?) and I've been stuck on this for quite some time. I'd appreciate any hints to point me in the right direction, because I don't know what else to put in for an answer now!12Views1like1CommentHack Your First Web App: Ep.4 Missing Cookie
I'm stuck on the last question of Hack Your First Web App: Ep.4. I have repeated the XSS over and over again successfully, but it does not give me a cookie called "xss-token". It gives me a cookie with some letters and numbers, and those aren't the answer to the question. What can I do from here?Solved35Views0likes2CommentsIt seems correct answer is not accepted.
I think my answer is correct, however, it is not accepted. Here is the question: Use replace_string() to remove carriage returns (\r) and newline (\n) literals from the SyslogMessage column. Provide your completed replace_string function as the answer. Here is my answer: replace_string(SyslogMessage, "\\n\\r", "") Whole query: Syslog | extend CleanMSG = replace_string(SyslogMessage, "\\n\\r", "") I might be missing something here, however, can't figure out. Appreciate any hints.31Views0likes1CommentHelp with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills
Hello all, I am stuck with the last question on this Immersive lab . Below is my question Using Python, build a web scraper to scrape the website for 12-digit phone numbers beginning with + (e.g., +123456789012). The requests and BeautifulSoup4 (BS4) libraries are available to you. How many extracted phone numbers are returned? I created the following python script import requests from bs4 import BeautifulSoup import re url = "http://10.102.35.108:4321" try: response = requests.get(url) response.raise_for_status() # Raise an exception for bad status codes except requests.exceptions.RequestException as e: print(f"Error fetching the page: {e}") exit() soup = BeautifulSoup(response.text, 'html.parser') phone_pattern = r"\+\d{12}" found_numbers = re.findall(phone_pattern, soup.get_text()) num_found = len(found_numbers) print(f"Found {num_found} phone numbers:") for number in found_numbers: print(number) The value is 0, but I am getting an incorrect solution. please helpSolved92Views1like6CommentsHuman Connection Lab 7 - AD - password not working
Good afternoon, I've been trying to work through Lab 7 AD for a very long time. However, the password I discovered on the WS01 box (using SharpUp) does not work for the username it also provides. I am unable to login with it at all - is this because of the apostrophe in the password? I have tried to use escape characters, quotes, single quotes and escape chars. Help Me, Obi-Wan, you're my only hope.44Views0likes5CommentsModern Encryption: Demonstrate Your Skills
Hi there, I have completed all questions except for Q.10 which involves the decryption of an RSA-encrypted file. To the best of my knowledge, a private key is required to decrypt this asymmetrically encrypted file, but I only see a public "public.pem" key in the "~/Desktop/Lab-Files" directory. Am I missing something? I have completed all the other questions so I believe all necessary files/tokens should have already been generated. Any help would be much appreciated. Many thanks, Pete81Views2likes3CommentsHalloween Labs - ideas, suggestions, wants 👻🎃🦇
What would you want to see from future Halloween labs? Did you really enjoy a particular aspect of previous years? Any technologies, themes, rewards you want to see? Want more Community content - webinars, events, media within the labs? 👻🎃🦇22Views1like0CommentsFIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs
I am pulling my hair with this last question Rebuild the PowerShell script from the previous question using the three parts found in the PowerShell operational logs. What is the MD5 hash of this file? (The file should not contain any trailing white space or return characters) I ran index=* (EventCode=4104) | search "stager.ps1" AND "scriptblock" | table _raw and added the script content of files (1 of 3) (2 of 3) (3 of 3) to a new file. I removed the spaces and made sure they are glued together. I pasted the file in cyber chef with md5 selected and I keep getting the wrong hash. See a sample of the beginning and end of the 3 files This is just a sample below. I really don't know what else to do with this. $EncodedCompressedFile = @' 7b1pk+LKcjD83RH3P5y4cT/Y0ddusfXAfcMRT5U2JJCgBBJIDn8AAQIklmmgBfz6N7O00sCcnuuxH9vPUcRMo1qycqvMrFItfxmsgu3keHqf//avv/2fP//pH/5NiiJts9+9H//xz+H8fTuPatV/mUXRn//p u3rgE9+I/KPY62u+qTQuvp0Xqu3KPkEovj/867/++Z/+9A9/+oe/jFZbY7757V9/w1+96fpvf3NW78fTJCJRtPP/UfjrvxmT4/Lf//Y3Y3L+x79ML8f54V+6821wXP5VOFcEQfgn+FuDv/CnLnCY/za4HI7zzb9Yp+1xtZn/i7Y9zt93+8H8/WPlQ3Vj8n5YTiKAKe72lxToX4W/prj89aaVHEuOm/g+nxznwyX8mQFuRR38ja3//w== '@ $Decoded = [System.Convert]::FromBase64String($EncodedCompressedFile) $MemStream = New-Object System.IO.MemoryStream $MemStream.Write($Decoded, 0, $Decoded.Length) $MemStream.Seek(0,0) | Out-Null $CompressedStream = New-Object System.IO.Compression.DeflateStream($MemStream, [System.IO.Compression.CompressionMode]::Decompress) $StreamReader = New-Object System.IO.StreamReader($CompressedStream) $Output = $StreamReader.readtoend() $Output | IEXSolved54Views0likes1Comment