THM-Room: Introductory Researching Walkthrough

in tryhackme •  3 years ago  (edited)

THM: Introductory Researching Walkthrough

ioxoi-thm-introductory-research.png

Link to the room Introductory Researching
Link to the room creator MuirlandOracle
Link to the youtube walkthrough from DarkStar7471

Task 1 - Introduction

No answer needed.

Task 2 - Example Research Question

  • Question 1

In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)?
Answer: Repeater

More Informations
ioxoi-thm-introductory-research-q1.png

  • Question 2

What hash format are modern Windows login passwords stored in?
Answer: NTLM

More Informations
Link to wikipedia article about LM-HASH(NTLM)

  • Question 3

What are automated tasks called in Linux?
Answer: cron jobs

More Information
Link to wikipedia article about cron/cron jobs

  • Question 4

What number base could you use as a shorthand for base 2 (binary)?
Answer: Base 16

More Information
Link to additional notes to number bases

  • Question 5

If a password hash starts with $6$, what format is it (Unix variant)?
Answer: sha512crypt

More Information
ioxoi-thm-introductory-research-q5.png

The example hash table from the hashcat wiki

Task 3 - Vulnerability Searching

  • Question 1

What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?
Answer: CVE-2020-10385

More Information
Link to the CVE-2020-10385

  • Question 2

There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What's the CVE for this vulnerability?
Answer: CVE-2016-1240

More Information
Link to the CVE-2016-1240

  • Question 3

What is the very first CVE found in the VLC media player?
Answer: CVE-2007-0017

More Information
Link to the CVE-2007-0017

  • Question 4

What is the very first CVE found in the VLC media player?
Answer: CVE-2019-18634

More Information
Link to the CVE-2019-18634

Task 4 - Manual Pages

  • Question 1

SCP is a tool used to copy files from one computer to another. What switch would you use to copy an entire directory?
Answer: -r

More Information

man scp
ioxoi-thm-introductory-research-t4-q1.png

  • Question 2

fdisk is a command used to view and alter the partitioning scheme used on your hard drive. What switch would you use to list the current partitions?
Answer: -l

More Information

man fdisk
ioxoi-thm-introductory-research-t4-q2.png

  • Question 3

nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with. What switch would you use to make a backup when opening a file with nano?
Answer: -B

More Information

man nano
ioxoi-thm-introductory-research-t4-q3.png

  • Question 4

Netcat is a basic tool used to manually send and receive network requests. What command would you use to start netcat in listen mode, using port 12345?
Answer: nc -l -p 12345

More Information

man netcat
ioxoi-thm-introductory-research-t4-q4-1.png ioxoi-thm-introductory-research-t4-q4-2.png

Task 5 - Final Thoughts

No answer needed.

tryhackme walkthrough learning cybersecurity
3 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.02
  • Past Payouts $0.02
  • - Author $0.02
  • - Curators $0.00
2 votes
1
Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  
  • Trending
    • Loading...