Identify one of the services/ports that you enumerated on the MS2 box and exploit it to obtain a shell on the machine. Any of the vulnerable services are fair game, provided you get a shell. Rather than taking screenshots, please provide me with a THOROUGH explanation of what you would do and the commands you would use. and include evidence of the whoami and pwd commands

Identify one of the services/ports that you enumerated on the MS2 box and exploit it to obtain a shell on the machine. Any of the vulnerable services are fair game, provided you get a shell. Rather than taking screenshots, please provide me with a THOROUGH explanation of what you would do and the commands you would use. and include evidence of the whoami and pwd commands

LINUX+ AND LPIC-1 GDE.TO LINUX CERTIF.

5th Edition

ISBN:9781337569798

Author:ECKERT

Publisher:ECKERT

Chapter7: Working With The Bash Shell

Section: Chapter Questions

Problem 5DE

See similar textbooks

Similar questions

This question relates to auditing command(s) that are ran on the MS2 VM.Use the auditing commands you have learned in class thus far to explore the MS2 VM.You should be currently logged into MS2 via SSH from the previous question to be able to answer this question. Based on the "TTY", how many "USERS" are on the MS2 vm, and "WHAT" are they doing?
Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs. Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner? Options: A Implement rate limiting on the API. B Implement geoblocking on the WAF. C Implement OAuth 2.0 on the API. D Implement input validation on the API. if you could explain why you chose that correct choice, Id appreciate it. Thank you!
Some options in the User Accounts applet has a shield displayed beside them. What does this indicate? a. It indicates that those options cannot be used to modify existing user accounts. b. It indicates that a standard user account can use those options if required. c. It indicates that those options are restricted to administrative users. d. It indicates that a new user account can be created using those options.
penetration programming Modify the .sh script so that it also works interactively. Specifically, if no hostname is given on the command line, the program should interactively ask for a hostname, starting port, and ending port with three separate prompts, and carry out its scan using those values. After scanning finishes, the program should loop to receive another set of values, stopping only when the user enters a blank host name. If this feature is implemented properly, it will also allow you to run the script in ’batch’ mode, by “piping in” a plain text file with the hostname on the first line, start port on the second, stop port on the third, and repeating for as many hosts as you wish to scan. For example, if a file named hosts_to_scan.txt contains a list of hosts and ports in the proper format, the program should now work as follows: cat hosts_to_scan.txt | ./portscanner.sh The timeout argument should still work in this case as well: cat hosts_to_scan.txt | ./portscanner.sh -t 3…
Use setenforce to put SELinux in permissive mode. Now what does sestatus show about the current mode and the mode from the config file? Which mode is in effect? Which mode would be in effect if you rebooted the system? Take a screenshot showing the setenforce command and the output of sestatus.
Use the Internet to research the installation and configuration process for the tripwire IDS on your Ubuntu Server Linux virtual machine. Next, install and configure the tripwire IDS on your Ubuntu Server Linux virtual machine using the default options. Following installation, use the tripwire --init command to create the tripwire database, and then use the tripwire --check command to analyze your system for possible security breaches based on file changes since the last tripwire database update.
A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.) : A. Deploy a WAF. B. Use containers. C. Conduct input sanitization. D. Patch the OS E. Deploy a reverse proxy F. Deploy a SIEM. ~if you could explain why you chose that correct choice, Id appreciate it. Thank you!
Another Sys Admin oversaw deploying the LAMP stack for a new website. The components consist of Apache2 and MySQL. After deploying the website and notifying users of availability there has been a lot of support tickets for inaccessibility of the website. 400/404 Errors are appearing ‘Website unreachable’. How would you troubleshoot the error? Run the commands that would show you details on why the website may be unreachable (verify each component).
Create an executable script to automatically launch the VNC viewer and connect to the Linux server with SSH tunneling (hint: see lab 6, part 4). The script should automate any password entry so that no passwords will have to be entered when the script is executed. Demonstrate its use. (in fedora linux
The proposal to send a boot ID along with a message ID for each remote procedure call is to: a) Allow the client to tell if it received a duplicate response to a remote procedure call. b) Enable the client to identify whether the response came from an alternate backup server. c) Allow the server to distinguish among messages coming from different clients. d) Avoid having the server think a message is a duplicate when it is not.
If you look at the docker-compose.yml file, you will find the following entries for the malicious router container. What are the purposes of these entries? Please change their value to 1, and launch the attack again. Please describe and explain your observation.
What was the name of the non-free Linux firewall that was mentioned in the presentation, and what would you briefly describe it to someone who has never heard of it?