Practical Malware Analysis: Static Analysis question 19
for what native Microsoft service is this malware trying to masquerade as with a legitimate seeming name and a reference to a file path that can be used for persistence, for some reason when typing down the Microsoft Security Center (2.0) Service name, and the info gained from and the registry path HKCU\Software\Microsoft\Windows\CurrentVersion\Run\. it keeps saying that it is wrong. I am wondering about what format are they expecting an answer? or if I am using the wrong name. as mssecsvc2.0 is also wrong.Practical Malware Analysis: Static Analysis question 18
for finding the exact name of the executable file. After dynamically overriding the function as shown in the briefing I cant seem to find any meaningful creation of the filename matching the patter provided in sprintf. I am wondering if I should be overriding a different function? as I cant seem to find any meaningful leads when searching for references or traveling to the next data. I also cant seem to find any leads from searching specifically for local_104 and unaff_EDI references as well.
Hack Your First Web App: Ep.6 – Demonstrate Your Skills
Hi, no matter what I try I can't get the token to come up for the XSS on the final question of this lab. I'm logged in on the right screen as the right person but I can't find where I'm meant to be injecting the XSS. Any help would be appreciated please :)
A beginner question on Nmap:
There is a target ip list on the Kali desktop and I wanted to scan the ip address list in the target text file. I tried the command provided in the briefing, which is nmap -iL target-ip-list.txt 1. Run Nmap against the IPs found in the target-ip-list.txt file on the Kali Desktop. It is the activity questions for nmap ep.3 The command is not working for me and can anyone help please? Thanks,Anyone finished the "Etherium Smart Contracts"?
Need help on three labs on the Ethereum smart contracts. I managed to do some but stuck on 3 of them so far: Ethereum: Contract Challenge 2 – Sisyphean Brute force the hash? Ethereum: Contract Challenge 4 – Random Can't get my code to work for prediciting the numbers... Ethereum: Contract Challenge 5 – Robin Hood Absolutely no idea.... Any help would be appreciated :)Foundational Static Analysis: API Analysis
Hi all, I'm stuck in this part, where using Ghidra, I have to find where the Windows API GetModuleHandleA is used, in the binary called exercise_two.exe, and once located, find the parameter of this function. Taking a look about GetModuleHandleA, there's no references or calls to API in any part of the code. Also tried to look for references to GetProcAddress or LoadLibrary and nothing. Am doing something wrong? Any idea to find the "parameter" of the function that calls to the API?. Is the only question from this part remaining... Thanks and regards.
PowerShell Deobfuscation: Ep 8 help
I have been stuck on this EP for a week and haven't been able to progress. I am hoping someone can give me a hint to help me get through this one. Here is what I have done so far. I take the original encoded message and apply "FromBase64" and then "Raw Inflate" and I get the following data: You can see it outputs another command that also needs to decoded using the same steps above. That output gives you this... It outputs a string of characters but no obvious way to get this readable. I have tried bit-shifting, rotating characters, and a bunch of other tests and nothing has shown me anything that is remotely readable. I assume I am missing something simple but every time I read it back through, I don't see what I missed. Any help you can provide would be greatly appreciated.
Derrick's Doughnut Admin
In the Intro to Web App Hacking: Mapping Web Applications course, the last step I'm instructed to: Return to the /login page and log in as the admin of the site. What is the token you receive? www.derricksdoughnuts.com is the site and I've searched a lot but can't find the Admin credentials. Please advise.
