Web App Hacking (Lab series): CVE-2022-42889 (Text4Shell) – Offensive
Hey all, Anyone have any luck with CVE-2022-42889 (Text4Shell) – Offensive? The first few questions were easy enough, but I have spent hours on the last one trying to get the token. On the attacker server, I can setup the listener, I don't believe my problem is there. I have tried many variations of URL encoding and various nc commands in the payload including ones similar to the blog post. If any one has any suggestions I would love to hear them! Thanks. J
Modern Encryption: Demonstrate your skills
I am in the final lab of this collection and the step 3 I need to encrypt the file using aes 256 encryption using the following command and similar other commands I am using for setup 4 & 5 however the commands execute succesfully and a encrypted file is generated however a key file is not generated to decrypt the remaining for encrypted file to complete the lab. I need the help to solve this lab and get the badge. step 3- openssl enc -aes-256-cbc -a -pbkdf2 -nosalt -in plaintext_1.txt -out plaintext_1.enc step 4- Encrypt a file using RC4 openssl enc -rc4 -d -pbkdf2 -nosalt -in plaintext_2.txt -out plaintext_2.enc step 5- Encrypt a file using RC4 openssl enc --des-ede3-cbc -d -pbkdf2 -nosalt -in plaintext_3.txt -out plaintext_3.encFoundational Static Analysis: API Analysis
Hi all, I'm stuck in this part, where using Ghidra, I have to find where the Windows API GetModuleHandleA is used, in the binary called exercise_two.exe, and once located, find the parameter of this function. Taking a look about GetModuleHandleA, there's no references or calls to API in any part of the code. Also tried to look for references to GetProcAddress or LoadLibrary and nothing. Am doing something wrong? Any idea to find the "parameter" of the function that calls to the API?. Is the only question from this part remaining... Thanks and regards.
Viewing combined Pioneer info??
Hola, Random idle thought, as I've just got the Pioneer badge for completing the new Typelib: COM Persistence lab. Is there way to easily view a list of who has which Pioneer badges? I'd be very curious to see a local leaderboard of who has how many, and for which labs/sections... Does it show up in data explorer or the other logging stuff anywhere? Cheers, Steve.
