Check out the new exclusive Machines available on Dedicated Labs.

Explore the new content released in February within Dedicated Labs. This month, we are featuring three (3) new exclusive Machines.

Atrium

Get your hands on the CVE-2023-52076 vulnerability in Atril Document Viewer, which affects the parsing and extraction of EPUB files, allows to write arbitrary data to any path the user who opens the file has write access to, with the only limitation of being unable to overwrite existing files.

DootDoot

Have a look at this medium-level Linux Machine that showcases an Indirect Poisoned Pipeline Execution (I-PPE), wherein Jenkins builds are conducted through a Docker image hosted in a private Docker registry. A Public Gitea repository exposes credentials through commits, allowing unauthorized access to the Docker registry. The goal is to use Reconnaissance and Docker Abuse techniques to tackle vulnerabilities of Clear Text Credentials and Insecure Design.

Sententia

Practice with a hard-level Windows Machine focusing on EDR bypass techniques and Insecure Design vulnerability. The goal of this machine is to showcase how API hooking can be bypassed by unhooking and cleaning the NTDLL to its normal state.

Don’t have access to Dedicated Labs yet? Contact your Account Manager or hit the button below to unlock more.