Posts

Showing posts with the label osint

TryHackMe | DNS Manipulation Walkthrough

Image
  Manipulating DNS queries to our advantage Link - https://tryhackme.com/room/dnsmanipulation If you were on Windows, what command could you use to query a txt record for ‘youtube.com’? nslookup -type=txt youtube.com If you were on Linux, what command could you use to query a txt record for ‘facebook.com’? dig facebook.com TXT AAAA stores what type of IP Address along with the hostname? IPv6 Maximum characters for a DNS TXT Record is 256. (Yay/Nay) Nay What DNS Record provides a domain name in reverse-lookup? (Research) PTR What would the reverse-lookup be for the following IPv4 Address? (192.168.203.2) (Research) 2.203.168.192.in-addr.arpa What is the maximum length of a DNS name? (Research) (Length includes dots!) 253 What is the Transaction name? (Type it as you see it) Network Equip. How much was the Firewall? (Without the $) 2500 Which file contains suspicious DNS queries? cap3.pcap Enter the plain-text after you have decoded the data using packetyGrabber.py found in ~/dns-exf...

TryHackMe | Active Reconnaissance WriteUp

Image
Learn how to use simple tools such as traceroute, ping, telnet, and a web browser to gather information. Link - https://tryhackme.com/room/activerecon Browse to the following website and ensure that you have opened your Developer Tools on AttackBox Firefox, or the browser on your computer. Using the Developer Tools, figure out the total number of questions. Go to the website and right click and “Inspect” . Go to Sources and “script.js” 8 Which option would you use to set the size of the data carried by the ICMP echo request? -s What is the size of the ICMP header in bytes? 8 Does MS Windows Firewall block ping by default? (Y/N) Y Deploy the VM for this task and using the AttackBox terminal, issue the command ping -c 10 MACHINE_IP . How many ping replies did you get back? 10 In Traceroute A, what is the IP address of the last router/hop before reaching tryhackme.com? 172.67.69.208 In Traceroute B, what is the IP address of the last router/hop before reaching tryhackme.com? 104.26.1...

TryHackMe | Passive Reconnaissance WriteUp

Image
Learn about the essential tools for passive reconnaissance, such as whois, nslookup, and dig. Link - https://tryhackme.com/room/passiverecon You visit the Facebook page of the target company, hoping to get some of their employee names. What kind of reconnaissance activity is this? (A for active, P for passive) P You ping the IP address of the company webserver to check if ICMP traffic is blocked. What kind of reconnaissance activity is this? (A for active, P for passive) A You happen to meet the IT administrator of the target company at a party. You try to use social engineering to get more information about their systems and network infrastructure. What kind of reconnaissance activity is this? (A for active, P for passive) A When was TryHackMe.com registered? 20180705 What is the registrar of TryHackMe.com? namecheap.com Which company is TryHackMe.com using for name servers? cloudflare.com Check the TXT records of thmlabs.com. What is the flag there? Lookup tryhackme.com on DNSDumpste...

Eonrec