Practical Malware Analysis: Static Analysis question 19
for what native Microsoft service is this malware trying to masquerade as with a legitimate seeming name and a reference to a file path that can be used for persistence, for some reason when typing down the Microsoft Security Center (2.0) Service name, and the info gained from and the registry path HKCU\Software\Microsoft\Windows\CurrentVersion\Run\. it keeps saying that it is wrong. I am wondering about what format are they expecting an answer? or if I am using the wrong name. as mssecsvc2.0 is also wrong.4Views0likes0CommentsPractical Malware Analysis: Static Analysis question 18
for finding the exact name of the executable file. After dynamically overriding the function as shown in the briefing I cant seem to find any meaningful creation of the filename matching the patter provided in sprintf. I am wondering if I should be overriding a different function? as I cant seem to find any meaningful leads when searching for references or traveling to the next data. I also cant seem to find any leads from searching specifically for local_104 and unaff_EDI references as well.Solved63Views2likes3CommentsModern Encryption: Demonstrate your skills
I am in the final lab of this collection and the step 3 I need to encrypt the file using aes 256 encryption using the following command and similar other commands I am using for setup 4 & 5 however the commands execute succesfully and a encrypted file is generated however a key file is not generated to decrypt the remaining for encrypted file to complete the lab. I need the help to solve this lab and get the badge. step 3- openssl enc -aes-256-cbc -a -pbkdf2 -nosalt -in plaintext_1.txt -out plaintext_1.enc step 4- Encrypt a file using RC4 openssl enc -rc4 -d -pbkdf2 -nosalt -in plaintext_2.txt -out plaintext_2.enc step 5- Encrypt a file using RC4 openssl enc --des-ede3-cbc -d -pbkdf2 -nosalt -in plaintext_3.txt -out plaintext_3.enc19Views1like3CommentsCVE-2019-1388 (Windows Priv Esc UAC Bypass) question 4
after transferring the certification of the executable given online. and changing the name and saving the file, I cant seem to change it the whoami output to NT Authority. should I be targeting a different executable file? like a legitimate one? should the browsing to the certificate error be displayed as unable to connect, or if I should be getting a different error. After downloading the certificate, should I be doing something else other than immediately going on cmd.exe and typing whoami. ie. running the certificate or storing it somewhere other than the name told to in briefing? saving the certificate does not seem to change anything.Solved19Views1like3CommentsAPT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills - Question to Q9
Hello everyone I can't find the solution to question 9 (How many file types were exfiltrated at this stage?) in APT29 Threat Hunting with Splunk: Ep.11 - Demonstrate Your Skills. I thought it was the files that are in the log of EventId 4103 Search: EventCode=4103 Get-Item C:\Users\Administrator.BARTERTOWNGROUP\Links\Downloads.lnk C:\Users\Administrator.BARTERTOWNGROUP\Favourites\Bing.url ..... Can anyone help me?Solved54Views1like3CommentsHack Your First Web App: Ep.6 – Demonstrate Your Skills
Hi, no matter what I try I can't get the token to come up for the XSS on the final question of this lab. I'm logged in on the right screen as the right person but I can't find where I'm meant to be injecting the XSS. Any help would be appreciated please :)94Views2likes4CommentsA beginner question on Nmap:
There is a target ip list on the Kali desktop and I wanted to scan the ip address list in the target text file. I tried the command provided in the briefing, which is nmap -iL target-ip-list.txt 1. Run Nmap against the IPs found in the target-ip-list.txt file on the Kali Desktop. It is the activity questions for nmap ep.3 The command is not working for me and can anyone help please? Thanks,18Views1like2CommentsAnyone finished the "Etherium Smart Contracts"?
Need help on three labs on the Ethereum smart contracts. I managed to do some but stuck on 3 of them so far: Ethereum: Contract Challenge 2 – Sisyphean Brute force the hash? Ethereum: Contract Challenge 4 – Random Can't get my code to work for prediciting the numbers... Ethereum: Contract Challenge 5 – Robin Hood Absolutely no idea.... Any help would be appreciated :)138Views2likes11Comments