Hack Your First Web App: Ep.6 - Hydra
I am stuck on Question 7 which instructs you to use hydra to brute force a password. I was able to use it correctly on Ep. 5. I have tried using the same cmd and changing to the login page but it returns 16 incorrect matches rather than one. hydra -l test -P /usr/share/wordlists/custom/ozone-wordlist.txt ozone-energy.bitnet http-form-post"/login:username=^USER^&password=^PASS^&Login=Login:Invalid Password"
Snort Rules: Ep.9 – Exploit Kits
I am pulling my hair with question number 8 Create a Snort rule to detect the third GET request in the second PCAP file, then submit the token. This one should do it but it is not working. alert tcp any any -> any any (msg:"detect the third GET request"; content:"e31e6edb08bf0ae9fbb32210b24540b6fl"; sid:1000001) I tried so many rules base on the first GET header and still unable to get the token. Any tips?Help with Foundational Static Analysis: 64-Bit Analysis
Hello everyone, I received this error while attempting to analyse the malware in this Lab with the default format settings that Ghidra assigned. I attempted to search for the API required in Exercise 1 (CreateProcessWithTokenW) but nothing came up in the Imports or the function list. Am I missing something? Thank you! :)
Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills
Hello all, I am stuck with the last question on this Immersive lab . Below is my question Using Python, build a web scraper to scrape the website for 12-digit phone numbers beginning with + (e.g., +123456789012). The requests and BeautifulSoup4 (BS4) libraries are available to you. How many extracted phone numbers are returned? I created the following python script import requests from bs4 import BeautifulSoup import re url = "http://10.102.35.108:4321" try: response = requests.get(url) response.raise_for_status() # Raise an exception for bad status codes except requests.exceptions.RequestException as e: print(f"Error fetching the page: {e}") exit() soup = BeautifulSoup(response.text, 'html.parser') phone_pattern = r"\+\d{12}" found_numbers = re.findall(phone_pattern, soup.get_text()) num_found = len(found_numbers) print(f"Found {num_found} phone numbers:") for number in found_numbers: print(number) The value is 0, but I am getting an incorrect solution. please help
ICSE / Wireshark final exercice : how to rebuilt the Pdf?
Hi everyone, in the last exercise, I managed to rebuilt the pdf file and it is perfectly readable, however the md5 hash generated from it keeps on been wrong. Is there anything special to consider when rebuilding the file? My method for rebuilting it was to remove top an bottom part that are obviously not part of the pdf, and also the newline character at the end of the last line, then concatenate everything together with a cat command. Thanks in advance for any hint.
Human Connection Lab 7 - AD - password not working
Good afternoon, I've been trying to work through Lab 7 AD for a very long time. However, the password I discovered on the WS01 box (using SharpUp) does not work for the username it also provides. I am unable to login with it at all - is this because of the apostrophe in the password? I have tried to use escape characters, quotes, single quotes and escape chars. Help Me, Obi-Wan, you're my only hope.
