Terrapoint (Hats off, Immersive Labs)
Small clues about the labs I consider most important, after solving all of them: Norway and Rwanda; but this is just the beginning of your journey :). Because for the others in the collection, I want to think that you are capable of looking up a phone number: right? ;). The most evil labs, Norwegians and Rwandans ones (in my opinion): In both cases, you must make the most of every pixel in the image provided: such as signs, symbols, and landmarks; once you have done so, try to find out where you really are!. And that's how I won them over: study where that road begins and ends... and simply let yourself be carried away by it, kilometer by kilometer. Tip: don't trust primary sources, they are wrong!: for example, on the main roads of that African country.
CVE-2024-23692 (Rejetto HFS Template Injection) – Offensive
I'm stuck on the last question, number 8. Any help would be appreciated. I feel like I have tried numerous combinations with the query they provide, with no success. What's the full file path to the executable used to run the Rejetto server on the victim machine?
Trick or Treat on Specter Street: Widow's Web
I am very stucked in Trick or Treat on Specter Street: Widow's Web I can't do none of the questions, but in any case I start by 4th that is the first answerable one Your first task is to simulate the loyal Crawlers. Run legitimate-crawler and inspect the output in Lab-Files to observe their behavior. To simulate the rogue Crawlers, you must discover the hidden paths on the website. Read the blog posts – they contain clues. Disallow these in Website-Files/robots.txt and run malicious-crawler. Inspect the output in Lab-Files. What is the token? I have created the robots.txt file since I understand that malicious-crawler goes expressedly there. My robots.txt contains all url's I can imagin Disallow: /secret Disallow: /treat Disallow: /hidden Disallow: /crypt Disallow: /warden Disallow: /rituals Disallow: /witch-secrets Disallow: /admin Disallow: /vault Disallow: /uncover Disallow: /post1 Disallow: /post2 Disallow: /post3 Disallow: /post4 Disallow: /contact Disallow: /drafts/rituals But the result of malicious-crawler.txt doesn't give me either a token nor a hint I have curl-ed all pages looking for words as token and nothing. I have found some key words in http://127.0.0.1:3000/witch-secrets as intercepted-incantations, decoded them and nothing. I have searched in spider-sigthings.log what hapened at 3.00 am but nothing Can someone gime me a hint?
