Appointment
Target Information:
- IP: 10.129.185.13
- Running Apache 2.4.38 on port 80
=================================================
TASK #1: What does the acronym SQL stand for?
- A: Structured Query Language
TASK #2: What is one of the most common types of SQL vulnerabilities?
- A: SQL Injection
TASK #3: What does PII stand for?
- A: Personally Identifiable Information
TASK #4: What does the OWASP Top 10 list name the classification for this vulnerability?
- A: A03:2021-Injection
- https://owasp.org/www-project-top-ten/
TASK #5: What service and version are running on port 80 of the target?
- A: Apache httpd 2.4.38 ((Debian))
nmap -A -T4 10.129.185.13
TASK #6: What is the standard port used for the HTTPS protocol?
- A: 443
TASK #7: What is one luck-based method of exploiting login pages?
- A: brute-forcing
TASK #8: What is a folder called in web-application terminology?
- A: Directory
TASK #9: What response code is given for "Not Found" errors?
- A: 404
TASK #10: What switch do we use with Gobuster to specify we're looking to discover directories, and not subdomains?
- A: dir
- Install Go
- https://linuxhint.com/install-go-ubuntu-2/
cd /tmp
wget https://go.dev/dl/go1.19.1.linux-amd64.tar.gz
sudo tar -xzf go1.19.1.linux-amd64.tar.gz -C /usr/local/
sudo nano /etc/profile
- Install gobuster
go install github.com/OJ/gobuster/v3@latest
wget https://raw.githubusercontent.com/v0re/dirb/master/wordlists/common.txt
gobuster dir -u 10.129.185.13 -w common.txt -q -n -e
TASK #11: What symbol do we use to comment out parts of the code?
- A: #
Root Flag: e3d0796d002a446c0e622226f42e9672
- SQL injection:
- Username: admin'#
- Password: admin123
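
Why the login above works, and the fix, as an added example (not part of the original notes and not the target's code). The concatenated query shape, the users table and its stored password are assumptions; SQLite stands in for the database in the parameterized half so the example runs offline, while the '#' comment rule shown is MySQL's.

```python
import sqlite3

def build_login_query(username, password):
    # Vulnerable pattern (assumed; the page does not show the target's code):
    # user input is concatenated straight into the SQL text.
    return ("SELECT * FROM users WHERE username='" + username +
            "' AND password='" + password + "'")

def effective_mysql_statement(sql):
    """Return the part of a single-line statement MySQL would execute:
    a '#' outside a quoted string starts a comment to end of line.
    Simplified: backslash escapes inside strings are not handled."""
    quote = None
    for i, ch in enumerate(sql):
        if quote:
            if ch == quote:
                quote = None          # closing quote
        elif ch in ("'", '"'):
            quote = ch                # opening quote
        elif ch == "#":
            return sql[:i].rstrip()   # rest of the line is a comment
    return sql

def safe_login(conn, username, password):
    # Hardened form: placeholders keep input as data, never as SQL text.
    row = conn.execute(
        "SELECT username FROM users WHERE username=? AND password=?",
        (username, password)).fetchone()
    return row is not None

def demo_db():
    # Constructed sample data. Plaintext password only to keep the demo
    # short; a real application stores a password hash.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'constructed-secret')")
    return conn

if __name__ == "__main__":
    q = build_login_query("admin'#", "admin123")
    print("sent to database :", q)
    print("actually executed:", effective_mysql_statement(q))
    conn = demo_db()
    print("parameterized, same input :", safe_login(conn, "admin'#", "admin123"))
    print("parameterized, real login :", safe_login(conn, "admin", "constructed-secret"))
```

With concatenation the password predicate falls inside the comment and is never evaluated; with placeholders the same input is compared as a literal username and matches no row.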