Meow

1. What does the acronym VM stand for?

Virtual Machine

2. What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It’s also known as a console or shell.

terminal

3. What service do we use to form our VPN connection into HTB labs?

openvpn

4. What is the abbreviated name for a ‘tunnel interface’ in the output of your VPN boot-up sequence output?

tun

5. What tool do we use to test our connection to the target with an ICMP echo request?

ping

6. What is the name of the most common tool for finding open ports on a target?

nmap

7. What service do we identify on port 23/tcp during our scans?

telnet

8. What username is able to log into the target over telnet with a blank password?

root

Fawn

1. What does the 3-letter acronym FTP stand for?

File Transfer Protocol

2. Which port does the FTP service listen on usually?

21

3. What acronym is used for the secure version of FTP?

SFTP

4. What is the command we can use to send an ICMP echo request to test our connection to the target?

ping

5. From your scans, what version is FTP running on the target?

vsftpd 3.0.3

6. From your scans, what OS type is running on the target?

Unix

7. What is the command we need to run in order to display the ‘ftp’ client help menu?

ftp -h

8. What is username that is used over FTP when you want to log in without having an account?

anonymous

9. What is the response code we get for the FTP message ‘Login successful’?

230

10. There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system.

ls

11. What is the command used to download the file we found on the FTP server?

get

Dancing

1. What does the 3-letter acronym SMB stand for?

Server Message Block

2. What port does SMB use to operate at?

445

3. What is the service name for port 445 that came up in our Nmap scan?

microsoft-ds

4. What is the ‘flag’ or ‘switch’ we can use with the SMB tool to ‘list’ the contents of the share?

-L

5. How many shares are there on Dancing?

4

6. What is the name of the share we are able to access in the end with a blank password?

WorkShares

7. What is the command we can use within the SMB shell to download the files we find?

get

Redeemer

1. Which TCP port is open on the machine?

6379

2. Which service is running on the port that is open on the machine?

redis

3. What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database

n-memory Database

4. Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments.

redis-cli

5. Which flag is used with the Redis command-line utility to specify the hostname?

info

6. What is the version of the Redis server being used on the target machine?

5.0.7

7. Which command is used to select the desired database in Redis?

select

8. How many keys are present inside the database with index 0?

4

9. Which command is used to obtain all the keys in a database?

keys *