Introductory Researching

-

This room is part of "Complete Beginner " Pathway.

It is simply how to research stuff in cyber using google and the such. 

Task 2) Example Research Question:

First Question: In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)?

How it'll go:

step 1: Go to Google.com 

step 2: search "What is the model used in burp suite to send a request?"

Answer: Repeater














Second Question: What hash format are modern Windows login passwords stored in?

my search: "what hash does the windows operating system for its stored passwords?"
Answer: NTLM














Third question:  What are automated tasks called in Linux?
Search: what do we use to automate tasks in linux os??














And the answer is Cron Jobs. 

You Got the idea.


Question 4: What number based could you use as a shorthand for base 2 (binary)?

Answer: Base 16


Question 5: If a password hash starts with $6$, what format is it (Unix variant)? 

Answer: sha512crypt

------------------------------------------------------------------------

Task 3) Vulnerability Searching: 


Some online vulnerability databases 


1. ExploitDB
2. NVD
3. CVE Mitre


And we can use the open source tool, the really famous "searchsploit"


Moving on...


Q: What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?

A: CVE-2020-10385


Q: There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What's the CVE for this vulnerability?

A: CVE-2016-1240


Note: Remember the format is CVE-YEAR-NUMBER


Q: What is the very first CVE found in the VLC media player? 

A: CVE-2007-0017


Q: If you wanted to exploit a 2020 buffer overflow in the sudo program, which CVE would you use?

A: CVE-2019-18634

------------------------------------------------------------------------

Task 4) Manual Pages.

The manual pages are part of the linux fundamentals aswell, which is one of the most useful linux tools 


1. SCP is a tool used to copy files from one computer to another

Q: What switch would you use to copy an entire directory?

A: -r


2. fdisk is a command used to view and alter the partitioning scheme used on your hard drive.

Q: What switch would you use to list the current partitions?

A: -l


3. nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with.

Q: What switch would you use to make a backup when opening a file with nano?

A: -B


4. Netcat is a basic tool used to manually send and receive network requests. 

Q: What command would you use to start netcat in listen mode, using port 12345?

A: nc -l -p 12345

------------------------------------------------------------------------

Thanks for reading! 


Roger - Ozz961.

Comments

Post a Comment

Popular posts from this blog

Common Network Commands: Ping

-
Ping Command Overview The `ping` command is a fundamental utility used in network diagnostics. It checks the reachability of a host on an Internet Protocol (IP) network and measures the round-trip time for messages sent from the originating host to a destination computer. The command uses the Internet Control Message Protocol (ICMP) to send echo request packets and listens for echo replies. Origin and Development The `ping` command was developed in 1983 by Mike Muuss as a diagnostic tool for the ARPANET. Since then, it has become a standard utility available on most operating systems, including Linux, Windows, and macOS, making it an essential tool for network administrators and users. Basic Functionality The `ping` command serves several functions: - Tests connectivity to a specified host. - Measures the time taken for packets to travel to the destination and back. - Provides statistics about packet loss and round-trip time. Key Command Syntax 1. Basic Syntax:    ```    ping [options]
Read more

Common Network Commands: Route

-
Route Command Overview The route command is a part of the older net-tools package used in Linux systems for viewing and manipulating the IP routing table. It provides information about how packets are routed through the network and allows for the addition, deletion, and modification of routes. Origin and Development Historically, the route command has been a primary tool for managing network routing in Linux. However, it has largely been replaced by the ip command from the iproute2 package, which offers more advanced features and capabilities. Despite this, route is still commonly used in many Linux distributions for its simplicity and familiarity. Basic Functionality The route command serves several functions: - Displays the current routing table entries. - Shows destination networks, gateways, and associated interfaces. - Allows for the addition, deletion, and modification of routes. Key Command Syntax 1. Display Routing Table:    ```    route -n    ```    The -n option prevents DNS
Read more

John The Ripper

-
John the Ripper  Is one of the most well known, well-loved and versatile hash cracking tools out there. It combines a fast cracking speed, with an extraordinary range of compatible hash types. This room will assume no previous knowledge, so we must first cover some basic terms and concepts before we move into practical hash cracking. A hash is a way of taking a piece of data of any length and  representing it in another form that is a fixed length. This masks the original value of the data. This is done by running the original data through a hashing algorithm. There are many popular hashing algorithms, such as MD4,MD5, SHA1 and NTLM. Lets try and show this with an example: If we take "polo", a string of 4 characters- and run it through an MD5 hashing algorithm, we end up with an output of: b53759f3ce692de7aff1b5779d3964da a standard 32 character MD5 hash. Likewise, if we take "polomints", a string of 9 characters- and run it through the same MD5 hashing algorithm, w
Read more