Derrick's Doughnut Admin
In the Intro to Web App Hacking: Mapping Web Applications course, the last step I'm instructed to: Return to the /login page and log in as the admin of the site. What is the token you receive? www.derricksdoughnuts.com is the site and I've searched a lot but can't find the Admin credentials. Please advise.5Views0likes0CommentsFoundational Static Analysis: API Analysis
Hi all, I'm stuck in this part, where using Ghidra, I have to find where the Windows API GetModuleHandleA is used, in the binary called exercise_two.exe, and once located, find the parameter of this function. Taking a look about GetModuleHandleA, there's no references or calls to API in any part of the code. Also tried to look for references to GetProcAddress or LoadLibrary and nothing. Am doing something wrong? Any idea to find the "parameter" of the function that calls to the API?. Is the only question from this part remaining... Thanks and regards.19Views2likes0CommentsDigital Forensics: BitLocker Encrypted Drive
I have correctly calculated the offset and have no trouble using the bdemount command however I would appreciate some help with troubleshooting the error recieved when using the mount command. All my commands executed in the lab so far ThanksSolved482Views1like13CommentsHuman Connection Challenge: Season 1 – Windows
After the other Human Connection Challenges, I'm now completely stuck on Machine 1 of the Human Connection Challenge: Season 1 – Windows lab. I found the obvious hidden credentials the the: But I can't find anything on the Any hints?Solved166Views1like10CommentsHack Your First Web App: Ep.6 – Demonstrate Your Skills
Hi, no matter what I try I can't get the token to come up for the XSS on the final question of this lab. I'm logged in on the right screen as the right person but I can't find where I'm meant to be injecting the XSS. Any help would be appreciated please :)63Views1like1CommentHow to use Immersive cyber ranges for cyber threat research?
Want to know how to take advantage of the cyber ranges platform to do malware and adversary research in a sandboxed environment? In this post, I’ll walk you through how to get access to the Heimdall Detection Engineering template for CTI so you can do just that! The Heimdall template is a domain-joined range that contains workstations, a domain controller, and security tooling that you’d ordinarily find in a real network. The purpose of this template is to enable cyber threat research, where you can launch attacks and malware, capture indicators of compromise through tools like Velociraptor, a SIEM network packet capture tool, and some analyst workstations with a bunch of analysis and reverse engineering tools. With that said, let’s get started. Firstly, you’ll need to go to the cyber ranges sign-up page and sign up with a name and email address. After hitting “Sign up”, you’ll need to go to your email and find the confirmation email to get your credentials, then go back to the cyber ranges website and log in with your new credentials. After signing in, you’ll be in the main ranges dashboard. You’ll need to connect your own Amazon Web Services (AWS) account to use ranges, as provisioning machines will cost money for every hour that they are active or stored. Once you’ve connected your AWS account, you can then go to “Range Templates” and launch the Heimdall range.36Views3likes1CommentAnyone finished the "Etherium Smart Contracts"?
Need help on three labs on the Ethereum smart contracts. I managed to do some but stuck on 3 of them so far: Ethereum: Contract Challenge 2 – Sisyphean Brute force the hash? Ethereum: Contract Challenge 4 – Random Can't get my code to work for prediciting the numbers... Ethereum: Contract Challenge 5 – Robin Hood Absolutely no idea.... Any help would be appreciated :)112Views2likes10CommentsPrivilege Escalation: Windows – Automated Enumeration
What directory within 'C:\ProgramData' does Remy have access to? I don´t really know what to answer in this question?. There are some directories that can be accessed by Remy as for example C:\ProgramData\Microsoft. I have try with all that be accessed by Remy but this doesn´t seem to be the correct answer. Thanks C:\Program Files\Amazon C:\Program Files\Backup Files C:\Program Files\Common Files C:\Program Files\desktop.ini C:\Program Files\DIFX C:\Program Files\Google C:\Program Files\internet explorer C:\Program Files\Uninstall Information C:\Program Files\UNP C:\Program Files\VMware C:\Program Files\Windows Defender C:\Program Files\Windows Defender Advanced Threat Protection C:\Program Files\Windows Mail C:\Program Files\Windows Media Player C:\Program Files\Windows Multimedia Platform C:\Program Files\windows nt C:\Program Files\Windows Photo Viewer C:\Program Files\Windows Portable Devices C:\Program Files\Windows Security C:\Program Files\Windows Sidebar C:\Program Files\WindowsApps C:\Program Files\WindowsPowerShellSolved26Views0likes1Comment