Intermediate Deliverable 2 - Javier Mendoza (5)

Questionnaires.
Exercise 1.
#1 What distribution of Linux is being used on this machine?
Kali 
#2	What is the MD5 hash of the apache access.log?
d41d8cd98f00b204e9800998ecf8427e
#3 It is believed that a credential dumping tool was downloaded? What is the file name of the download?
Yes, mimikatz
#4	There was a super-secret file created. What is the absolute path?
root/Desktop/SuperSecretFile.txt
#5	What program used didyouthinkwedmakeiteasy.jpg during execution?
binwalk
#6	What is the third goal from the checklist Karen created?
Economic benefit
#7	How many times was apache run?
None
#8	It is believed this machine was used to attack another. What file proves this?
fisrtscrip_fixed
#9	Within the Documents file path, it is believed that Karen was taunting a fellow computer expert through a bash script. Who was Karen taunting?
Bob
#10	A user su'd to root at 11:26 multiple times. Who was it?
Karen
#11	Based on the bash history, what is the current working directory?
Myfisrthack
Exercise 2.
#1	What is the system timezone?
GMT-4
#2	Who was the last user to log in to the system?
CRON
#3	What was the source port the user 'mail' connected from?
67
#4	How long was the last session for user 'mail'? (Minutes only)
60 minutes
#5	Which server service did the last user use to log in to the system?
DHCP
#6	What type of authentication attack was performed against the target machine?
#7	How many IP addresses are listed in the '/var/log/lastlog' file?
192.168.210.131 192.168.56.101
#8	How many users have a login shell?
George Wu, Peter Tobias
#9	What is the password of the mail user?
php
#10	Which user account was created by the attacker?
webadmin
#11	How many user groups exist on the machine?
45
#12	How many users have sudo access?
2
#13	What is the home directory of the PHP user?
#14	What command did the attacker use to gain root privilege? (Answer contains two spaces).
Sudo su
#15	Which file did the user 'root' delete?
r00t.blend
#16	Recover the deleted file, open it and extract the exploit author name.
#17	What is the content management system (CMS) installed on the machine?
Drupal 
#18	What is the version of the CMS installed on the machine?
7
#19	Which port was listening to receive the attacker's reverse shell?
67