Our Blog

user
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext. Which file do you have to clean to clear the password? Option 1 : .bashrc Option 2 : .bash_history Option 3 : .profile Option 4 : .XSession-log 1. .bashrc The .bashrc file may be a script file that’s executed
public-facing system
Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem and how the owner can protect themselves from that vulnerability. He also sent an email to Microsoft informing them of the problem that their systems are exposed to. What type of hacker is Nicolas? Option 1 : Gray hat Option 2 : White hat Option 3
web server
What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages? Option 1 : idq.dll Option 2 : administration.config Option 3 : httpd.conf Option 4 : php.ini 1. idq.dll idq.dll may be a library employed by ISAPI for indexing. idq.dll may be a system process that’s needed for your PC to figure properly. It shouldn’t be removed. The idq.dll is an executable
penetration tester
You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are attempting to break into the wireless network with the SSID “Brakeme-Internal.” You realize that this network uses WPA3 encryption. Which of the following vulnerabilities is the promising to exploit? Option 1 : AP misconfiguration Option 2 : Key reinstallation attack Option 3 : Dragonblood Option 4 : Cross-site request forgery 1. AP misconfiguration The Misconfigured APs are
wireless network
Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred? Option 1 : Wireless sniffing Option 2 : Wardriving Option 3 : Piggybacking Option 4 : Evil twin 1. Wireless sniffing A wireless sniffer may be a sort of packet analyzer. A packet analyzer (also referred to
MSP
Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks

Leave a Comment