offensive cyber
58 TopicsCVE-2021-22205 (GitLab) – Defensive
Hello, I'm going through some old labs I haven't managed to complete. This one's a bit of a beast. I can get a reverse shell, I can see I am git. however I cannot for the life of me Identify the NGINX log files. this doesn't return anything from the shell or when I am shh'd into the gitlab server find / -type f -name "gitlab_access.log" 2>/dev/null and this isn't returning anything from either the shell or ssh session iml-user@defsec:~/Desktop$ sigmac -t grep sigma.yml grep -P -i '^(?:.*(?=.*POST)(?=.*499))' any clues gratefully received ;)22Views0likes1CommentEp 7 Post Exploitation With Metasploit
I’m having issues with q9 and don’t know why what I’m currently doing isn’t working. I’ve ran SharpUp.exe and found a vulnerable binary location (C:/Windows/Important-Service/Important-Service.exe). From my original meterpreter session, I have uploaded a new msfvenom payload called Important-Service.exe to the location above, with hope to spawn a new shell on another listener. Nothing is happening when I start the service or execute the exe. Any pointers with this one? I feel that what I am doing is correct and should work.Solved55Views0likes5CommentsIntroduction to Metasploit: Ep.9 – Demonstrate Your Skills
Please help me out here. I managed to brute for to Apache Tomcat Manager using: auxiliary/scanner/http/tomcat_mgr_login QCC:Qlogic66 When i try to log in to site it is not working http://10.10.10.10:9090/manager/html I need to spawn a user level shell on the victim machine using this creds, not sure why they are not working. I need to use any of these exploits and they require a username and password : 1. exploit/multi/http/tomcat_mgr_deploy 2009-11-09 2. exploit/multi/http/tomcat_mgr_upload 2009-11-0942Views0likes4CommentsHack Your First Web App: Ep.4 Missing Cookie
I'm stuck on the last question of Hack Your First Web App: Ep.4. I have repeated the XSS over and over again successfully, but it does not give me a cookie called "xss-token". It gives me a cookie with some letters and numbers, and those aren't the answer to the question. What can I do from here?Solved138Views0likes3CommentsPoshC2: Ep.6 – Demonstrate Your Skills
I'm stuck on Q8 - Run a privilege escalation enumeration module. What is the Administrator password? I know the answer is output in the command Invoke-AllChecks but i always get an error when running the command. any help is appreciated.Solved34Views0likes2CommentsHalloween Labs - ideas, suggestions, wants 👻🎃🦇
What would you want to see from future Halloween labs? Did you really enjoy a particular aspect of previous years? Any technologies, themes, rewards you want to see? Want more Community content - webinars, events, media within the labs? 👻🎃🦇146Views3likes6CommentsHacking tools
Just (re)entering the space of hacking hardware (I had a flipper, but it went boom after a fallout with a bottle of Coke and the rubbish attached lids we have in the UK. I am getting the stuff to build a Bjorn networking tool as a first project. In a "Oh-I-wonder-if-I-could build-one-educational" activity... Has anyone built one before? What use did you get out of it? What other tools have people built?49Views1like5Comments