❓Questions

35 Questions

1. What is the IP address of the host running SAMBA?

   1. 192.168.100.52

2. What is the IP address of the host running WordPress?

   1. 192.168.100.50

3. What version of MySQL is running on the system hosting a Drupal site?

   1. MySQL 5.5.5

4. How many hosts on the DMZ network are running a web server on port 80?

   1. 4

5. What Linux distribution is running on the host running the Drupal site?

   1. Ubuntu

6. What services does Syntex provide to companies?

   1. Workflow Development

   

   Untitled

   
7. What is the email of the admin user on the Drupal site?

   1. admin@syntex.com

8. What is the name of the active theme on the WordPress site?

   1. spintech

9. How many systems on the target network have FTP servers with anonymous access enabled?

   1. 2

10. How many user accounts can be enumerated from the SAMBA server running on the system hosting Drupal?

    1. 3

11. What type of vulnerability can be exploited to elevate your privileges on the Linux host running Drupal?

    1. RCE

12. What type of vulnerability can be exploited on the Drupal site?

    1. RCE

13. Which one of the following MSF modules can be used to obtain an elevated reverse shell on WINSERVER-02? 1.

14. Which one of the following meterpreter commands can be used to add a network route?

    1. autoroute

15. What is the subnet of the internal network? 1.

16. One of the Linux servers in the internal network is running a vulnerable service. What port is the vulnerable service running on? 1.

17. What is the password of the user account "dbadmin" on the Linux server hosting Drupal?

    1. sayang

18. A target system has a user account called "lawrence". What is the password for this account? 1.

19. What is the password of the user account "mary" on WINSERVER-03? 1.

20. What is the CVSS V3.x rating for the Drupalgeddon2 vulnerability?

    1. 9.8

21. What host within the DMZ network can be exploited via command injection.

    1. WINSERVER-02

22. What web server contains a file called "todo.txt"? 1.

23. How many Drupal accounts exist on the Drupal site?

    1. 4

24. What version of WordPress is running on WINSERVER-01?

    1. 5.9.3

25. How many plugins are installed on the WordPress site?

    1. 2

26. What WordPress file stores the database configuration?

    1. wp-congif.php

27. What is the root password of the MySQL database on the server running Drupal?

    1. 7C695400AEECFFAD9251CB1CF2DC6CE8A143FCE9

28. Excluding the guest account, how many user accounts are present on WINSERVER-01?

    1. 4

29. What is the total number of open TCP ports running on WINSERVER-02?

    1. 14

30. What user account is a member of the local administrators group on WINSERVER-03? 1.

31. What is the hashing algorithm used to hash user account passwords on both Linux servers? 1.

32. A system contains the file C:\Users\mike\Documents\flag.txt; what is the value of the flag? 1.

33. The server hosting Drupal contains the file /home/auditor/flag.txt. What is the value of the flag? 1.

34. What is the value of the flag C:\Users\Administrator\flag.txt on WINSERVER-03? 1.

35. What Windows utility can be used to download files from a remote web server?

    1. certutil