other
21 TopicsModern Encryption: Demonstrate your skills
I am in the final lab of this collection and the step 3 I need to encrypt the file using aes 256 encryption using the following command and similar other commands I am using for setup 4 & 5 however the commands execute succesfully and a encrypted file is generated however a key file is not generated to decrypt the remaining for encrypted file to complete the lab. I need the help to solve this lab and get the badge. step 3- openssl enc -aes-256-cbc -a -pbkdf2 -nosalt -in plaintext_1.txt -out plaintext_1.enc step 4- Encrypt a file using RC4 openssl enc -rc4 -d -pbkdf2 -nosalt -in plaintext_2.txt -out plaintext_2.enc step 5- Encrypt a file using RC4 openssl enc --des-ede3-cbc -d -pbkdf2 -nosalt -in plaintext_3.txt -out plaintext_3.encSolved699Views1like5CommentsConfusion on Cyber Fundamentals Linux CLI ep.16 question 6
Question 6 seems fairly straight forward but I have yet to stumble on the combination of commands the lab is looking for. The question is "In a single line: run sleep 600 to sleep in the background for 10 minutes then run touch emptyfile in the foreground to create an empty file." At first glance it seems to be leading the student to try something like sleep 600 & && touch emptyfile but that's invalid syntax. I've tried ( sleep 600 & ) && touch emptyfile but that doesn't work, I suspect because the && sees the success from the () being executed and immediately runs touch. I've tried ( sleep 600 && touch emptyfile ) & but after 10 minutes of waiting the lab never "detects" success which I'm guessing because the touch is ran from the background. I can't find the magic combination to satisfy a sleep command running in the background and then a touch command running in the foreground in a single oneline statement. Any hints would be appreciated, greatly.Solved654Views1like1CommentSnort Rules: Ep.9 – Exploit Kits
I am pulling my hair with question number 8 Create a Snort rule to detect the third GET request in the second PCAP file, then submit the token. This one should do it but it is not working. alert tcp any any -> any any (msg:"detect the third GET request"; content:"e31e6edb08bf0ae9fbb32210b24540b6fl"; sid:1000001) I tried so many rules base on the first GET header and still unable to get the token. Any tips?Solved305Views0likes3CommentsDoS Practical
Hello again, I am working on another lab - The DoS practical in the networking module. I have been combing the packets with a fine tooth comb and can’t find any info on the Crypto currency it’s after or the last two questions either. Any pointers would be greatly appreciated. I spent 2 hours combing packets and reading packet data and I just couldn’t see anything. I will endeavour to keep trying!! I tried filtering by HTTP, but couldn’t figure out how to filter HTTP packets coming from the DoS tool or find info on the Tool used in the DoS attack. thanks again scottSolved280Views1like3CommentsSnort Rules: Ep.7 – Lokibot Infection Traffic
I need help with the last question please. I tried so many rules and I am still getting it wrong 13-Create a Snort rule to detect this User-Agent string in the HTTP header for connections using port 49167, then submit the token. Tried this one which to me it should be able to work. alert tcp any any -> any 49167 (msg:"User-Agent match"; content:"Mozilla/4.08 (Charon; Inferno)"; sid:5000031;) alert tcp any any -> any 49167 (msg:"User-Agent Mozilla/4.08 (Charon; Inferno) detected"; content:"User-Agent: Mozilla/4.08 (Charon; Inferno)"; http_header; sid:5000020;)Solved220Views0likes2CommentsImmersive lab Ghidra, Ep2.
In This lab I have answered all of the questions except question 4 - "Using the function graph on the main function, what is the starting address of the last basic block?" It is not clear which block the "last" one is. I have entered the starting address of all basic blocks but none are correct. Is there some secret to this question that I haven't discovered yet?Solved208Views1like4CommentsBurp Suite Basics: Intruder - Stuck on missing password.txt
Hello community, I'm stuck in lab https://mercedes-benz.immersivelabs.online/v2/labs/burp-basics-intruder/series/burp-suite. The attack to carry out is about a brute-force guess on mfogg1's password using the intruder. The briefing states: Brute force the login page using the password.txt list against the user mfogg1. I'm missing that password.txt file, where the heck is it? I carried out an intruder attack (Cluster bomb) using well known passwords from /usr/share/wordlists/metasploit/burnet_top_1024.txt without success. Even worse, testing those 200 attacks (there are only 200 passwords in that file), tooks quite a considerable time. I must have missed something about the location of that obscure password.txt file. I'm stuck. Perhaps someone can shed a light on this. Thanks in advance, WolfgangSolved200Views0likes1Comment