immersive labs
58 TopicsAdvanced CTF Challenge: Hardened Maze
Hi Team, I found file upload options on one port but get information: "For authorized personnel: Upload a critical security patch." I tried with many extension with curl and POST method with -F "exe_file=@filename" Unfortunately, it does not accept any of my combinations. You can give us some clue as to how to approach this 🙂Solved165Views1like9CommentsPoshC2: Ep.6 – Demonstrate Your Skills
I'm stuck on Q8 - Run a privilege escalation enumeration module. What is the Administrator password? I know the answer is output in the command Invoke-AllChecks but i always get an error when running the command. any help is appreciated.Solved19Views0likes2CommentsI'm stucked in "A Christmas Catastrophe: Let It Snow".
I'm stucked in "A Christmas Catastrophe: Let It Snow". I've tried a lot of things: Fill the <error> characters with the ones defines with only one space and repeated Try to discover the word holiday Try to find a pattern of the encryption to fill the non defined letters Can somebody help me?Solved51Views0likes6CommentsAdvanced CTF Challenge: Improbable Maze
I have the token from the POST but when I put in under Repeater and change the key value to 4, 4, like what was shown in the live training session, I only receive back the response: Too Slow. Not sure what I am missing to get the token value.Solved110Views1like4CommentsModern Encryption: Demonstrate Your Skills
Hi there, I have completed all questions except for Q.10 which involves the decryption of an RSA-encrypted file. To the best of my knowledge, a private key is required to decrypt this asymmetrically encrypted file, but I only see a public "public.pem" key in the "~/Desktop/Lab-Files" directory. Am I missing something? I have completed all the other questions so I believe all necessary files/tokens should have already been generated. Any help would be much appreciated. Many thanks, Pete158Views3likes5CommentsCVE-2024-0012 and CVE-2024-9474 (Palo Alto PAN-OS) – Offensive Question
Hi, I am stuck on number 8 in this lab which is: What is the value you find in /root/token.txt? I am having trouble trying to determine what vulnerability to exploit in order to obtain this token. Can you please provide assistance to me regarding this step? Regards, RockySolved35Views0likes3CommentsSuperSonic: Ep.7 – LIFTON
Hi there, Has anyone completed SuperSonic: Ep.7 – LIFTON recently? I have answered all the questions up to question 10. I believe I need to obtain files from the ftp server, however, when trying to login with the credentials from questions 7 and 8 I get failed authentication. I wanted to confirm if this is a me issue, or there is an issue with the FTP server itself? Any help would be greatly appreciated :)Solved38Views1like2CommentsGuardDuty: Demonstrate Your Skills
Has anyone had any issues with the GuardDuty lab. GuardDuty: Demonstrate Your Skills - Labs - Immersive In task no.4 It asked you: In order to encrypt findings being exported to S3, GuardDuty requires a KMS key The KMS key policy must give the required permissions to the GuardDuty service principal. I have amended the policy as followed. "Version": "2012-10-17", "Statement": [ { "Sid": "Allow GuardDutytoencryptfindings", "Effect": "Allow", "Principal": { "Service": "guardduty.amazonaws.com" }, "Action": [ "kms:GenerateDataKey", ], "Resource": "*" The lab isn't progressing past this. Am I doing something wrong or is it a bug in the lab. Any help is appreciated, Thanks I33Views0likes1CommentFoundational Static Analysis: API Analysis step 10
Step 10 of this lab says to go to the command line and run xelfviewer. In my virtual machine, that is not found. I see a directory for the building of it, but I don't find the binary anywhere to be able to execute it, and I don't have permissions to be able to do the build. Anyone have any suggestions about that?96Views0likes4Comments