tags: Enumeration / Telnet / External / Penetration Tester Level 1
Write-up: meow_write-up.pdf
System: linux
Tasks:
- VM: Virtual Machine
- Synonym for console or shell: terminal
- Service to form a VPN connection: openvpn
- Abbreviation for 'Tunnel Interface': tun
- Tool to test the connection to the target with an ICMP echo request: ping
- Tool to find open ports on a target: nmap
- Service on port 23/tcp: telnet
tags: Enumaration / FTP / External / Penetration Tester Level 1
Write-up: fawn_write-up.pdf
System: linux
Tasks:
- FTP: File Transfer Protocol
- FTP Communication model: Client-Server Model
- Popular GUI FTP program: Filezilla
- FTP port: 21 tcp
- Secure FTP: SFTP
- Test connection: ping
tags: Enumaration / FTP / External / Penetration / Tester Level 1
Write-up: dancing_write-up.pdf
System: windows
Tasks:
- SMB: Server Message Block
- SMB port: 445
- SMB network communication model: Client-Server Model
- Service name on port 445: microsoft-ds
- Tool to connect to SMBshares on linux: smbclient
- Switch to 'list' the content of the SMB share: -L
- Command within the SMB shell to download a file: get
tags: Enumeration / Linux / Redis / Anonymous/Guest Access / Penetration Tester Level 1
Write-up: redeemer_write-up.pdf
System: linux
Tasks:
- Default connection port for Redis-cli to the server: 6379
- Type of Redis database: In-Memory Database
- Command-line utility to interact with the Redis server: Redis-cli
- Redis flag to specify the hostname: -h
- Commandto obtain the information and statistics about the Redis server: info
- Select a database in Reids: select
- Command to obtain all the keys in a Redis database: keys *
tags: Network / Account Misconfiguration
Write-up: explosion_write-up.pdf
System: windows
Tasks:
- RDP: Remote Desktop Protocol
- Command line interface interactions: CLI
- Graphical user interface interactions: GUI
- Old remote access tool without encryption by default: Telnet
- Concept used to verify the identity of the remote host with SSH connections: Public-Key Cryptography
- Tool to initiate a desktop projection to our host using the terminal: xfreerdp
- Service running on 3389/tcp: ms-wbt-server (Microsoft WBT Server, used for RDP).
- Switch used to specify the target host's IP address when using xfreerdp: /v:
tags: PHP / Default Credentials
Write-up: preignition_write-up.pdf
System: linux
Tasks:
- One of the most essential skills to possess as a Penetration Tester: dir busting
- Version detection with nmap: -sV
- Service running on port 80/tcp: http
- Popular directory busting tool: gobuster
- Switch to specify to gobuster to perform dir busting specifically: dir
- Status code when gobuster finds a successful page: 200