{
    "id": "18d972f4-61fb-36c0-a3a5-d318b44cb095",
    "name": "The None Algorithm",
    "slug": "the-none-algorithm",
    "status": "published",
    "lab_type": "pta",
    "is_sample": false,
    "duration_in_seconds": 1800,
    "metadata": {
        "courses": [
            "1dce1618-55b6-4205-9799-e509ad2b2c77",
            "62ef2f60-d961-3a56-8754-32bb3143acdd"
        ],
        "pta_sdn": "1351",
        "collections": [
            "7e29006f-2c44-4f85-977e-dad375310879"
        ],
        "pta_namespace": "attackdefenselabs",
        "learning_paths": [],
        "has_published_parent": true
    },
    "session": null,
    "company": "a491bc32-c056-4946-9169-cc053387bada",
    "created": "2022-03-17T11:44:25.223866Z",
    "modified": "2024-11-27T14:52:47.094083Z",
    "is_beta": false,
    "lab_objectives": [],
    "main_learning_area": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
    "learning_areas": [
        {
            "id": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
            "name": "Cyber Security",
            "slug": "cyber-security"
        }
    ],
    "categories": [
        {
            "id": "921293b3-e2f8-44ce-a27b-e33224bd251b",
            "name": "JWT Basics"
        },
        {
            "id": "69b693c0-7fbc-4970-8e80-96a349b4bb7e",
            "name": "REST"
        }
    ],
    "tags": [],
    "difficulty": "advanced",
    "is_web_access": false,
    "is_lab_experience": true,
    "is_featured": false,
    "cve": null,
    "severity": null,
    "year": null,
    "classification": null,
    "is_trackable": true,
    "cpe_credits": 1,
    "is_skill_check": false,
    "external_url": "",
    "solution_video": "708bc202-167a-399c-9123-1a4fc0d3c1d0",
    "explanation_video": null,
    "description": "The REST API is running on the target machine and uses JWT based authentication.\u00a0The implementation of JWT is very crucial for the safety of a REST API. One of its crucial parts is the algorithm which is used for signing the tokens. However, the library code handling the JWT signature algorithm was buggy.  \n\n\nObjective: Retrieve the flag stored on the server!\n\n**User Information:**  \n\n\n\n\n| **Username** | elliot |\n| **Password** | elliotalderson |\n| **Email** | elliot@evilcorp.com |\n\n  \n**API Endpoints:**  \n\n\n\n\n| **Endpoint** | **Description** | **Method** | **Parameter(s)** |\n| /auth/local | Authenticates the user and returns JWT authentication token | POST | identifier, password |\n| /users | Creates a new user | POST | username, password, email, role, provider |\n| /admin | Access Strapi Admin Panel | GET | - |\n\n  \nInstructions:\u00a0\n\n* This lab is dedicated to you! No other users are on this network :)\n* Once you start the lab, you will have access to a Kali GUI instance.\n* Your Kali instance has an interface with IP address 192.X.Y.2. Run \"ifconfig\" to know the values of X and Y.\n* The REST API should be running on port 1337 on the machine located at the IP address 192.X.Y.3.\n* Do not attack the gateway located at IP address 192.X.Y.1",
    "description_html": "<p>The REST API is running on the target machine and uses JWT based authentication.\u00a0The implementation of JWT is very crucial for the safety of a REST API. One of its crucial parts is the algorithm which is used for signing the tokens. However, the library code handling the JWT signature algorithm was buggy.  </p>\n<p>Objective: Retrieve the flag stored on the server!</p>\n<p><strong>User Information:</strong>  </p>\n<p>| <strong>Username</strong> | elliot |\n| <strong>Password</strong> | elliotalderson |\n| <strong>Email</strong> | elliot@evilcorp.com |</p>\n<p><strong>API Endpoints:</strong>  </p>\n<p>| <strong>Endpoint</strong> | <strong>Description</strong> | <strong>Method</strong> | <strong>Parameter(s)</strong> |\n| /auth/local | Authenticates the user and returns JWT authentication token | POST | identifier, password |\n| /users | Creates a new user | POST | username, password, email, role, provider |\n| /admin | Access Strapi Admin Panel | GET | - |</p>\n<p>Instructions:\u00a0</p>\n<ul>\n<li>This lab is dedicated to you! No other users are on this network :)</li>\n<li>Once you start the lab, you will have access to a Kali GUI instance.</li>\n<li>Your Kali instance has an interface with IP address 192.X.Y.2. Run \"ifconfig\" to know the values of X and Y.</li>\n<li>The REST API should be running on port 1337 on the machine located at the IP address 192.X.Y.3.</li>\n<li>Do not attack the gateway located at IP address 192.X.Y.1</li>\n</ul>",
    "tasks": "",
    "tasks_html": "",
    "published_date": "2022-03-17T11:44:25.223866Z",
    "solutions": "The solution for this lab can be found in the following manual:\n        <a href=\"https://assets.ine.com/labs/ad-manuals/walkthrough-1351.pdf\" target=\"blank\">https://assets.ine.com/labs/ad-manuals/walkthrough-1351.pdf</a>",
    "solutions_html": "<p>The solution for this lab can be found in the following manual:\n        <a href=\"https://assets.ine.com/labs/ad-manuals/walkthrough-1351.pdf\" target=\"blank\">https://assets.ine.com/labs/ad-manuals/walkthrough-1351.pdf</a></p>",
    "flags": [
        {
            "name": "Flag",
            "type": "short-text",
            "uuid": "71a632af-21a2-40b3-b8fb-ba0fef2ea84b"
        }
    ],
    "min_points_to_pass": null,
    "access_type": "default",
    "user_status": "unstarted",
    "user_lab_status": null,
    "user_status_modified": null,
    "user_flags": [],
    "global_running_session": null
}