Go to Qiita Advent Calendar 2024 Top
LoginSignup
1
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

@kk0128

【TryHackMe】Passive Reconnaissance:Walkthrough

Posted at

概要

TryHackMe「Passive Reconnaissance」のWalkthroughです。

Task2

Q1.You visit the Facebook page of the target company, hoping to get some of their employee names. What kind of reconnaissance activity is this? (A for active, P for passive)

A.P

Q2.You ping the IP address of the company webserver to check if ICMP traffic is blocked. What kind of reconnaissance activity is this? (A for active, P for passive)

A.A

Q3.You happen to meet the IT administrator of the target company at a party. You try to use social engineering to get more information about their systems and network infrastructure. What kind of reconnaissance activity is this? (A for active, P for passive)

A.A

Task3

Q1.When was TryHackMe.com registered?

Hint.Use the format YYYYMMDD

whoisコマンドで情報を取得します。

$ whois tryhackme.com

(省略)

Creation Date: 2018-07-05T19:46:15Z

A.20180705

Q2.What is the registrar of TryHackMe.com?

Hint.Give its domain name

Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com

A.namecheap.com

Q3.Which company is TryHackMe.com using for name servers?

Hint.Give its domain name

Name Server: KIP.NS.CLOUDFLARE.COM
Name Server: UMA.NS.CLOUDFLARE.COM

A.cloudflare.com

Task4

Q1.Check the TXT records of thmlabs.com. What is the flag there?

thmlabs.comTXTレコードを確認します。

$ dig thmlabs.com TXT

(省略)

;; ANSWER SECTION:
thmlabs.com.            300     IN      TXT     "THM{a5b83929888ed36acb0272971e438d78}"

A.THM{a5b83929888ed36acb0272971e438d78}

Task5

Q1.Lookup tryhackme.com on DNSDumpster. What is one interesting subdomain that you would discover in addition to www and blog?

DNSDumpstertryhackme.comを検索します。

image.png

A.remote

Task6

Q1.According to Shodan.io, what is the 2nd country in the world in terms of the number of publicly accessible Apache servers?

Hint.To find the answer, you can search for Apache on Shodan.io.

shodanでapacheを検索します。

image.png

A.Germany

Q2.Based on Shodan.io, what is the 3rd most common port used for Apache?

Hint.To find the answer, you can search for Apache on Shodan.io.

apacheで検索し、portのランキングを確認します。

image.png

A.8080

Q3.Based on Shodan.io, what is the 3rd most common port used for nginx?

Hint.To find the answer, you can search for nginx on Shodan.io.

nginxを検索し、portのランキングを確認します。

image.png

A.5001

1
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
1
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?