TryHackMe: Introductory Researching
[Task 1] [Introduction]
[Task 2] [Example Research Question]
- In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)?
A_: Repeater
2. What hash format are modern Windows login passwords stored in?
A_: NTLM
3. What are automated tasks called in Linux?
A_: cron jobs
4. What number base could you use as a shorthand for base 2 (binary)?
A_: base 16
4. If a password hash starts with $6$, what format is it (Unix variant)?
A_: sha512crypt
[Task 3] [Vulnerability Searching]
1. What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?
A_: CVE-2020–10385
2. There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What’s the CVE for this vulnerability?
A_: CVE-2016–1240
3. What is the very first CVE found in the VLC media player?
A_: CVE-2007–0017
3. If I wanted to exploit a 2020 buffer overflow in the sudo program, which CVE would I use?
A_: CVE-2007–0017
[Task 4] [Manual Pages]
1. SCP is a tool used to copy files from one computer to another. What switch would you use to copy an entire directory?
A_: -r
2. fdisk is a command used to view and alter the partitioning scheme used on your hard drive. What switch would you use to list the current partitions?
A_: -L
3. nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with. What switch would you use to make a backup when opening a file with nano?
A_: -B
4. nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with. What switch would you use to make a backup when opening a file with nano?
A_: nc -l -p 1234
nc — netcat
l — listen mode, for inbound
-p — specify port number
