WinDbg: Ep.3 – Debugging Malware
The briefing says:
[...]
bp kernel32!LoadLibraryA ".printf \"Loading Library: %ma\",poi(esp+0x4);.echo};g"
bp kernel32!GetProcAddress ".printf \"\t Looking up function: %ma\",poi(esp+0x8);.echo;g"
bp advapi32!CreateServiceW ".printf \"Creating Service: \";.echo;.printf \"\tService Name: %mu\",poi(esp+0x4);.echo;.printf \"\tDisplay Name: %mu\",poi(esp+0x8);.echo;g"
[...]
Yet, none of these work. The OS was updated, the instructions were not.
Fix:
bp KernelBase!LoadLibraryA
bp KernelBase!GetProcAddress
bp sechost!CreateServiceW
Solved, 44 Views, 1 like, 1 Comment

Remove the panel on Linux?
On most Linux systems (except for e.g. Kali Linux) there's a panel at the bottom. The first thing I usually do:
killall xfce4-panel
Maybe it's better with larger screens, but on laptop screens that panel is really a waste of screen space. How about removing it?
31 Views, 0 likes, 1 Comment

Open Source Intelligence (OSINT): Boarding Pass
Has anyone else had issues with this entire OSINT lab? In the Social Media lab, I had to create a throwaway X account just to be able to find the content on the Dade Murphy profile. Perhaps this lab should be updated to reflect the way X operates now, with limits on what can and can't be viewed without logging into an account.
I'm now on the Boarding Pass lab, where I have to continue the OSINT research into Dade's Facebook profile. I'm having significant issues with The Wayback Machine, as it only allows me to access 1 of the 16 captures showing. However, I can't view anything on this 1 accessible profile as I am not logged in, yet I cannot log in through The Wayback Machine. The lab requires me to find and view an image of a boarding pass he has apparently uploaded, to do some OSINT research on the data within it, but I can't view any images at all! It seems like this lab isn't possible at the moment for me.
Does anyone have any tips on this? Thanks
Solved, 39 Views, 0 likes, 4 Comments

Node.js - Beginner -- What am I missing?
In the Node.js - Beginner collection there is a practical lab on Forced Browsing. I have completed what is set up as the criteria for the lab, but it keeps telling me that the code isn't secure. I have tested with two different users and the solution works to prevent forced browsing. Is there some other criterion that needs to be met that I'm missing?
Remediation:
Authorization check: returns a 401 if the user isn't logged in
I have also added the author check to verify that only the logged-in user retrieves their own drafts.
Solved, 107 Views, 1 like, 5 Comments

tweaks to career paths
Hi - I'm reasonably close to finishing career path: Advanced Threat Hunting and Digital Forensics
However, I really don't like the look of "DFIR CTF: LightNeuron DLL"
Is it possible to get the career path amended so that this lab does not have to be completed?
many thanks - gus
66 Views, 1 like, 2 Comments

T!m3Trav3l!ngC@t, nice PW but i have German Layout...
In "Active Directory Basics: Ep.4 – Adding a Machine", in the VM I can't enter the "@". Started Notepad and typed all keys, changed layout to German. Only "€" works, sometimes "|" does not. Mostly I use cut & paste, but this time I cannot c&p either...
Solved, 51 Views, 0 likes, 2 Comments