Skip to main content

THM | Introductory Researching

· 3 min read

Complete Beginner Introduction | Introductory Researching | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Introductory Researching room.

Disclaimer: Please note that this write-up is NOT intended to replace the original room or its content, but rather serve as supplementary material for those who are stuck and need additional guidance.

Task | 1 | Introduction

Question 1: Read the Introduction

No answer needed

Task | 2 | Example Research Question

Question 1: In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)?

Repeater

Question 2: What hash format are modern Windows login passwords stored in?

NTLM

Question 3: What are automated tasks called in Linux?

Cron Jobs

Question 4: What number base could you use as a shorthand for base 2 (binary)?

Base 16

Question 5: If a password hash starts with $6$, what format is it (Unix variant)?

sha512crypt

Task | 3 | Vulnerability Searching

Question 1: What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?

CVE-2020-10385

Question 2: There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What's the CVE for this vulnerability?

CVE-2016-1240

Question 3: What is the very first CVE found in the VLC media player?

CVE-2007-0017

Question 4: If you wanted to exploit a 2020 buffer overflow in the sudo program, which CVE would you use?

CVE-2019-18634

Task | 4 | Manual Pages

Question 1: SCP is a tool used to copy files from one computer to another. What switch would you use to copy an entire directory?

-r

Question 2: fdisk is a command used to view and alter the partitioning scheme used on your hard drive. What switch would you use to list the current partitions?

-l

Question 3: nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with. What switch would you use to make a backup when opening a file with nano?

-B

Question 4: Netcat is a basic tool used to manually send and receive network requests. What command would you use to start netcat in listen mode, using port 12345?

nc -l -p 12345

Task | 5 | Final Thoughts

Question 1: Research Complete!

No answer needed