THM: Introductory Researching Walkthrough
Link to the room Introductory Researching
Link to the room creator MuirlandOracle
Link to the youtube walkthrough from DarkStar7471
Task 1 - Introduction
No answer needed.
Task 2 - Example Research Question
Question 1
In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)?
Answer: Repeater
More Informations
Question 2
What hash format are modern Windows login passwords stored in?
Answer: NTLM
More Informations
Link to wikipedia article about LM-HASH(NTLM)
Question 3
What are automated tasks called in Linux?
Answer: cron jobs
More Information
Link to wikipedia article about cron/cron jobs
Question 4
What number base could you use as a shorthand for base 2 (binary)?
Answer: Base 16
More Information
Link to additional notes to number bases
Question 5
If a password hash starts with $6$, what format is it (Unix variant)?
Answer: sha512crypt
More Information
The example hash table from the hashcat wiki
Task 3 - Vulnerability Searching
Question 1
What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?
Answer: CVE-2020-10385
More Information
Link to the CVE-2020-10385
Question 2
There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What's the CVE for this vulnerability?
Answer: CVE-2016-1240
More Information
Link to the CVE-2016-1240
Question 3
What is the very first CVE found in the VLC media player?
Answer: CVE-2007-0017
More Information
Link to the CVE-2007-0017
Question 4
What is the very first CVE found in the VLC media player?
Answer: CVE-2019-18634
More Information
Link to the CVE-2019-18634
Task 4 - Manual Pages
Question 1
SCP is a tool used to copy files from one computer to another. What switch would you use to copy an entire directory?
Answer: -r
More Information
man scp
Question 2
fdisk is a command used to view and alter the partitioning scheme used on your hard drive. What switch would you use to list the current partitions?
Answer: -l
More Information
man fdisk
Question 3
nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with. What switch would you use to make a backup when opening a file with nano?
Answer: -B
More Information
man nano
Question 4
Netcat is a basic tool used to manually send and receive network requests. What command would you use to start netcat in listen mode, using port 12345?
Answer: nc -l -p 12345
More Information
man netcat
Task 5 - Final Thoughts
No answer needed.
Hello @ioxoi! This is @indayclara from @ocd (Original Content Decentralized) team. We saw that you already posted your first blog here in Hive! Congratulations and welcome!
Anyways, the best way to start your journey here in Hive is do an awesome introduction post telling us more about your passion and interests. You can choose on whatever information you would like to share and be creative as you want to be. This will help other Hivers get to know you and be comfortable supporting your works here.
It's also best to subscribe to Communities you like and share your blogs there to have a wider range of audience. Or you can check out the Communities Incubation Program.
Also, letting you know since content on the Hive platform is monetized, using other people’s ideas or images could be considered as an offense and which is also viewed in a serious light on the blockchain. Here is a useful collection of resources about how plagiarism and abuse is viewed and handled on Hive.
If you are looking for tips and information as a Hive newbie, click here: Newbie guide. If you have questions, you can hop into Discord server and we'll gladly answer your questions. Feel free to tag @lovesniper @indayclara once you have made your awesome introduction post! See you around.