help & support
203 TopicsImmersive lab Ghidra, Ep2.
In This lab I have answered all of the questions except question 4 - "Using the function graph on the main function, what is the starting address of the last basic block?" It is not clear which block the "last" one is. I have entered the starting address of all basic blocks but none are correct. Is there some secret to this question that I haven't discovered yet?4Views0likes0CommentsI'm stucked in "A Christmas Catastrophe: Let It Snow".
I'm stucked in "A Christmas Catastrophe: Let It Snow". I've tried a lot of things: Fill the <error> characters with the ones defines with only one space and repeated Try to discover the word holiday Try to find a pattern of the encryption to fill the non defined letters Can somebody help me?Solved37Views0likes6CommentsModern Encryption: Demonstrate Your Skills
Hi there, I have completed all questions except for Q.10 which involves the decryption of an RSA-encrypted file. To the best of my knowledge, a private key is required to decrypt this asymmetrically encrypted file, but I only see a public "public.pem" key in the "~/Desktop/Lab-Files" directory. Am I missing something? I have completed all the other questions so I believe all necessary files/tokens should have already been generated. Any help would be much appreciated. Many thanks, Pete153Views3likes5CommentsKusto Query Language: Ep.9 – Parsing Complex Data Types.
Hi all, I am stuck on Question 6 as part of the KQL Parsing Complex Data Types. I have been doing adaptations of the following query to only get a blank AvgTime table each time. Event_CL | where EventData contains "KB2267602" | extend ParsedData = parse_json(EventData) | summarize AvgTime = avg(todatetime(ParsedData["@time"])) I may be missing something obvious or not, but any help would be thankful.36Views1like4CommentsAdvanced CTF Challenge: Hardened Maze
Hi Team, I found file upload options on one port but get information: "For authorized personnel: Upload a critical security patch." I tried with many extension with curl and POST method with -F "exe_file=@filename" Unfortunately, it does not accept any of my combinations. You can give us some clue as to how to approach this 🙂130Views1like6CommentsTake part in Immersive research: AI Chatbot in labs
📢 We would love to hear your opinions on a new AI Chatbot concept within our labs. Can you spare an hour to come along to a research call? During the call, you will be asked to undertake a lab on our test environment, using the AI chatbot to assist. We will then ask for feedback on your experience. You will need to attend the call on a laptop or desktop (no tablets or phones) and be able to share your screen throughout. The session will be recorded and will take place using Google Meet. Upon completion of the session, you will receive a £50 eGift card (or local currency equivalent). Sessions are taking place August 12-14th. 🗓️ Sign up at a time that is convenient for you, using this booking form..60Views3likes4CommentsPowerShell Deobfuscation: Ep 8 help
I have been stuck on this EP for a week and haven't been able to progress. I am hoping someone can give me a hint to help me get through this one. Here is what I have done so far. I take the original encoded message and apply "FromBase64" and then "Raw Inflate" and I get the following data: You can see it outputs another command that also needs to decoded using the same steps above. That output gives you this... It outputs a string of characters but no obvious way to get this readable. I have tried bit-shifting, rotating characters, and a bunch of other tests and nothing has shown me anything that is remotely readable. I assume I am missing something simple but every time I read it back through, I don't see what I missed. Any help you can provide would be greatly appreciated.228Views1like7CommentsWindows Exploitation: Bypassing AppLocker Allowed Paths
Hello, I need a assistance with a lab on Windows Exploitation: Bypassing AppLocker Allowed Paths . I have tried to clear this lab but I'm unable to run powershell.exe. I have tried to locate other installations of Powershell on the Windows Machine but even those executables within C:\Windows\WinSxS are getting blocked. Please help me on this to crack down.76Views0likes4Comments