The Purple Team Journey: My Cybersecurity Chronicles.

 A Primer on Subnetting ------------------------------- Subnet Mask As we've previously discussed throughout the module so far, Networks can be found in all shapes and sizes - ranging from small to large. Subnetting is the term given to splitting up a network into smaller, miniature networks within itself. Think of it as slicing up a cake for your friends. There's only a certain amount of cake to go around, but everybody wants a piece. Subnetting is you deciding who gets what slice & reserving such a slice of this metaphorical cake. Picture Subnets use IP addresses in three different ways: * Identify the network address * Identify the host address * Identify the default gateway ------------------------------------------------------------------------------------------------------------- 1. Purpose of a Network Address: This address identifies the start of the actual network and is used to identify a network's existence. For example, a device with the IP address of 192.16

 Introducing LAN Topologies LAN: Local Area Network. ---------------------------------------------- 1- Star Topology ---------------------------------------------- * The main premise of a star topology is that devices are individually connected via a central networking device such as a switch or hub.  This topology is the most commonly found today because of its reliability and scalability - despite the cost. * Because more cabling & the purchase of dedicated networking equipment is required for this topology, it is more expensive than any of the other topologies. *  more maintenance is required to keep the network functional. * if the centralized hardware that connects devices fails, these devices will no longer be able to send or receive data. ---------------------------------------------- 2- Bus Topology * This type of connection relies upon a single connection which is known as a backbone cable.  This type of topology is similar to the leaf off of a tree in the sense that devic

* A Bit of Background on Linux Linux is a command line operating system based on Unix. There are multiple operating systems that are based on Linux. Linux is just another operating system and one of the most popular in the world powering smart cars, android devices, supercomputers, home appliances, enterprise servers, and more. -------------------------------------------- Linux powers things such as: - Websites that you visit. - Car entertainment/control panels. - Point of Sale (PoS) systems such as checkout tills and registers in shops. - Critical infrastructures such as traffic light controllers or industrial sensors. ------------------------------------------------------------------------------------------------------------- Flavors of Linux The name "Linux" is actually an umbrella term for multiple OS's that are based on UNIX (another operating system). Thanks to UNIX being open-source, variants of Linux comes in all shapes and sizes - suited best for what the system

1. Load Balancers When a website's traffic starts getting quite large or is running an application that needs to have high availability, one web server might no longer do the job. Load balancers provide two main features, ensuring high traffic websites can handle the load and providing a failover if a server becomes unresponsive. When the user request a website with a load balancer, the load balancer wil receive your request first and then forward it to one of the multiple servers behind it.  The load balancer uses different algorithms to help it decide which server is best to deal with the request.   A couple of examples of these algorithms are round-robin which sends it to each server in turn.  Or weighted, which checks how many requests a server is currently dealing with and sends it to the least busy server.  Load balancers also perform periodic checks with each server to ensure they are running correctly, this is called a health check.  If a server doesn't respond appropri

 What is a Web Server?  A web server is a software that listens for incoming connections and then utilizes the HTTP(S) protocol to deliver web content to its clients.  The most common web server software is Apache, Nginx, IIS and NodeJS. A Web server delivers files from what is called its root directory, which is defined in the software settings.  For example:  ------------------------------------------- Nginx and Apache share the same default location of  /var/www/html  In Linux operating systems. ------------------------------------------- and IIS uses  C:\inetpub\wwwroot In Windows operating systems. ------------------------------------------- For example:  If a user requested the file => http://www.example.com/picture.jpg It would send the file => /var/www/html/picture.jpg From its local hard drive.  --------------------------------------------------------------------------------------------------------------------------------- Virtual Hosts Web servers can host multiple webs

 1. Make a GET request to /room => GET /room HTTP/1.1 Host: tryhackme.com User-Agent: Mozilla/5.0 Firefox/87.0 ---------------------------------------------------------------------------- 2. Make a GET request to /blog, set the id parameter to 1  => GET /blog?id=1 HTTP/1.1 Host: tryhackme.com User-Agent: Mozilla/5.0 Firefox/87.0 ---------------------------------------------------------------------------- Make a DELETE request to /user/1 => DELETE /user/1 HTTP/1.1 Host: tryhackme.com User-Agent: Mozilla/5.0 Firefox/87.0 Content-Length: 0 ---------------------------------------------------------------------------- Make a PUT request to /user/2 with the username parameter set to admin => PUT /user/2 HTTP/1.1 Host: tryhackme.com User-Agent: Mozilla/5.0 Firefox/87.0 Content-Length: 14 username=admin ---------------------------------------------------------------------------- POST the username of thm and a password of letmein to /login => POST /login HTTP/1.1 Host: tryhackme.c

HTTP: HyperText Transfer Protocol HTTPs: HyperText Transfer Protocol Secure ------------------------------------------------------- http is what s used whenever we view a website, developed by Tim Berners-Lee and his team between 1989-1991 Http is the set of rules used to communicating with web servers for the transmitting webpage data, could be html images videos ....  https is the secure version of http.  The data is encrypted to prevent sniffing attacks on the http connection.  It also gives us assurances that we are talking to the correct web server and not something impersonating it. ( dns poisoning attack )  -----------------------------------------------------------------------------------------------------------------------------                                                                             HTTP Methods ----------------------------------------------------------------------------------------------------------------------------- Hypertext Transfer Protocol (HTTP)

 Common Request Headers => Host: Some web servers host multiple websites so by providing the host headers you can tell it which one you require, otherwise you'll just receive the default website for the server. * User-Agent: This is your browser software and version number, telling the web server your browser software helps it format the website properly for your browser and also some elements of HTML, JavaScript and CSS are only available in certain browsers. * Content-Length: When sending data to a web server such as in a form, the content length tells the web server how much data to expect in the web request. This way the server can ensure it isn't missing any data. * Accept-Encoding: Tells the web server what types of compression methods the browser supports so the data can be made smaller for transmitting over the internet. * Cookie: Data sent to the server to help remember your information (see cookies task for more information). ---------------------------------------

 Cookies are saved when we receive a "Set-Cookie" header from a web server. Then every further request the client make, they ll send the cookie data back to the web server.  Because HTTP(S) is stateless, meaning: does not keep track of the previous requests.  Cookies can be used to remind the web server who the client is, some personal settings for the website or whether they have been to the website before. ------------------------------------------------------------------------------------------------------------------------ HTTP request example: https://static-labs.tryhackme.cloud/sites/howhttpworks/cookie_flow.png 1- The client requests the webpage from http://cookies.thm  2- The server responds back with a simple webpage with a form asking for the users name 3- The client sends back the form with the name set to ( 'insert a random name or just a "user" ' )  4- The server responds with a Set-Cookie header telling the client to save the data name=(depends

How?  ------------------------------------------------------------------------------- There are two major components that make up a website: 1. Front End (Client-Side) - the way your browser renders a website. 2. Back End (Server-Side) - a server that processes your request and returns a response. https://assets.tryhackme.com/additional/how-websites-work/client%20server.png What do we need to know about HTML injection as a beginner? ------------------------------------------------------------------------------- https://assets.tryhackme.com/additional/how-websites-work/html_injection.png HTML Injection is a vulnerability that occurs when unfiltered user input is displayed on the page. If a website fails to sanitise user input (filter any "malicious" text that a user inputs into a website), and that input is used on the page, an attacker can inject HTML code into a vulnerable website. Input sanitisation is very important in keeping a website secure, as information a user inputs

 Domain Name System (DNS) is the protocol responsible for resolving hostnames, such as tryhackme.com, to their respective IP addresses. DNS provides a simple way for us to communicate with devices on the internet without remembering complex numbers. Every computer on the internet has its own unique address to communicate with it, called an IP address. For more reference to get you more involved in the DNS world, I will include several useful references to help you self study DNS!  Ref 1 : what is dns protocol in networking? Ref 2 : what is a dns server and what does it do? Ref 3 : Why do we need dns? ------------------------------------------------------------- DNS RFC ? I got you covered!  RFC : 1034 And 1035 Enjoy Self studying! --------------------------------------------------------------------------------------------------------------------- Thanks for reading, Roger

 DNS Record Types. DNS has multiple types of DNS records: 1. A Record These records resolve to IPv4 addresses, for example 104.26.10.229 2. AAAA Record These records resolve to IPv6 addresses, for example 2606:4700:20::681a:be5 3. CNAME Record These records resolve to another domain name. for example:  A Website that is an online shop has the subdomain name store.website.com which returns a CNAME record shops.shopify.com.  Another DNS request would then be made to shops.shopify.com to work out the IP address. 4. MX Record These records resolve to the address of the servers that handle the email for the domain we are querying. => an MX record response for website.com: alt1.aspmx.l.google.com These records also come with a priority flag.  This tells the client in which order to try the servers. This is perfect for if the main server goes down and email needs to be sent to a backup server. 5. TXT Record TXT records are free text fields where any text-based data can be stored.