Web App Hacking Lab
I am stuck on the last question of this lab. Question 13 - Return to the /login page and log in as the admin of the site. What is the token you receive? I have been trying to use OWASP ZAP but cant seem to figure it out. Any help would be greatly appreciated. Thanks.345Views0likes10CommentsIntroduction to Detection Engineering: Ep.3 – Parent Processes - Kibana says no
Introduction to Detection Engineering: Ep.3 – Parent Processes Team, Trying to complete what should be a straightforward lab, however the elastic search is never ready. Is there any chance someone could take a look at this? I will try on better wifi later but i feel its more a lab issue than connection.7Views0likes0CommentsWindows Sysinternals: ProcDump
What exception is reported by ProcDump when monitoring the execution of ExceptionCatcher.exe? I´ve started "cmd" as administrator but I get the following message. No clue how to launch procdump and how to see the exception. I´ve tried with: procdump.exe -e 1 c:\Users\IMLUser\Desktop\ExceptionCatcher.exe exception.dmp procdump.exe -ma c:\Users\IMLUser\Desktop\ExceptionCatcher.exe exception.dmp Thanks in advance51Views1like3CommentsHelp Q2 - Tuoni 101: Ep.5 – Demonstrate Your Skills
Looking for some help with the Tuoni 101: Ep.5 Q2. The following method is given to gain initial access: "To gain an initial foothold, you'll need to use the Hosted files page to host an executable. Any file hosted using that method will be run once on the initial target. Once executed, it'll be removed from the hosted files page." I tried this one and wasn't able to get the initial access. I tried originally using the default reverse HTTP listener and generating an x64 .exe file and hosting it on the "Files" tab and waited 5 minutes. As this didn't work I tried an x86 payload. This didn't work so I created a new HTTP listener and tried both approaches. After this didn't work, I generated all payload types for the reverse_HTTP and reverse_TCP listeners and hosted them as files and still didn't have any success. Any ways to get the payload to execute would be greatly appreciated.29Views1like3CommentsAWS Systems Manager: Demonstrate Your Skills
Hi. I'm trying to complete the final lab in the AWS Systems Manager: Demonstrate your skills lab. I'm trying to create an IAM policy as requested, but it isn't being accepted. Here is the question: And here is my policy: { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:GetObjectVersion" ], "Resource": [ "arn:aws:s3:::arn:aws:s3:::aws-ssm-eu-west-1/*", "arn:aws:s3:::arn:aws:s3:::amazon-ssm-eu-west-1/*", "arn:aws:s3:::arn:aws:s3:::amazon-ssm-packages-eu-west-1/*", "arn:aws:s3:::arn:aws:s3:::aws-ssm-document-attachments-eu-west-1/*", "arn:aws:s3:::arn:aws:s3:::patch-baseline-snapshot-eu-west-1/*", "arn:aws:s3:::arn:aws:s3:::aws-quicksetup-patchpolicy-*/*", "arn:aws:s3:::arn:aws:s3:::metroliate-1c81a515/*" ] }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": "s3:PutObject", "Resource": "arn:aws:s3:::arn:aws:s3:::metrolio-ssm-logs-74c21f24/*" }, { "Sid": "VisualEditor2", "Effect": "Allow", "Action": "s3:GetEncryptionConfiguration", "Resource": "arn:aws:s3:::arn:aws:s3:::metrolio-ssm-logs-74c21f24" } ] } Any help on what I'm doing wrong would be much appreciated.3Views0likes0CommentsConfused in "Threat Modeling Fundamentals; SQL Injection and Server-Side Template Injection"
In the section File Download there is a question on the quiz which asks "What is the value in /etc/flag.txt?" $> ls /etc Tells me that there is no file named flag.txt Am I looking in the wrong place?117Views2likes10CommentsAutopsy Ep 3: Tags, Comments and Reports
I have attempted this scenario too many times- each time I get to step 30 where it asks for the token in the txt file that is supposed to be on the Desktop. I follow the steps extremely closely and the txt file will not show up on the desktop. I know others have had this issue but I believe it may be a bug.Solved76Views1like6CommentsLogging and Monitoring in AWS: Demonstrate Your Skills
Hello, In Q3 Creating EventBridge I followed the instructions as exposed, but it didn't Detect the completion. Here's how I structured the Rule: Are there any error on the way I structured the rule (don't think so) or can it be an error on the lab itself (missing content)? Thanks in advance. Regards,40Views0likes0Comments