Cyber lab 1 and business memos drafts

Isaac Greene 2025-10-18 23:49:20 -04:00
parent f540c3d7f3
commit 41fdd2145d
Signed by: isaac
SSH key fingerprint: SHA256:Jr4CSXfwzXSuwhYRd3vX12Wt/v8vkvq0hOJ0NLwubH8
3 changed files with 211 additions and 0 deletions

@ -0,0 +1,83 @@
\documentclass[12pt]{scrartcl}
\usepackage[T1]{fontenc}
\usepackage{tgpagella}
\usepackage{xcolor}
\usepackage{ulem}
\usepackage[head=24pt]{geometry}
\usepackage{scrlayer-scrpage}
\usepackage{setspace}
\usepackage{array}
\usepackage{graphicx}
\usepackage{hyperref}
\geometry{letterpaper}
\hypersetup{
colorlinks=true,
linkcolor=blue,
filecolor=magenta,
urlcolor=isaac-red,
pdftitle={F25IEC\_HW2\_Greene\_Isaac},
pdfauthor={Isaac Greene},
pdfpagemode=FullScreen
}
\urlstyle{same}
\definecolor{isaac-red}{HTML}{C52947}
\definecolor{isaac-blue}{HTML}{0E4385}
\clearpairofpagestyles
\setkomafont{subsubsection}{\usefont{T1}{qpl}{b}{n}}
\setkomafont{subsection}{\usefont{T1}{qpl}{m}{n}\large}
\setkomafont{section}{\usefont{T1}{qpl}{b}{n}\Large}
\setkomafont{part}{\usefont{T1}{qpl}{b}{n}\LARGE}
\setlength{\parindent}{12pt}
\setlength{\parskip}{0pt}
\doublespacing
\title{\Large Isaacal Media Risk Assessment}
\author{\normalsize Isaac Greene}
\date{\normalsize October 5, 2025}
\lohead{F25IEC\_HW2\_Greene\_Isaac}
\lofoot{\begin{spacing}{1}No AI used <\href{http://ig7.us/ai}{ig7.us/ai}>. Built with \LaTeX.\\Work available under the Esoteric Common License <\href{http://ig7.us/license}{ig7.us/license}>.\end{spacing}}
\ohead*{\pagemark}
\begin{document}
\part*{CIS258 Lab 1}
\section{Questions}
\subsection{What is your eth0 (Ethernet) IP address?}
\texttt{10.1.1.116} and \texttt{fe80::a00:27ff:fe51:ec05}
\subsection{Why is it important to know your own IP address in penetration testing?}
This way you can know what information a potential victim receives, and how to mitigate
\subsection{How many live hosts detected?}
Scanned 256 IP addresses, 26 hosts up
\subsection{Which ports are open on 10.1.1.134?}
Port 21 for File Transfer Protocol, port 22 for Secure Shell, and port 80 for HyperText Transfer Protocol
\subsection{Why do different hosts have different open ports?}
Different hosts are running different services
\subsection{What version of ProFTPD is running on the target machine?}
It is running version 1.3.3c
\subsection{What other services are running on this host?}
OpenSSH, and Apache HTTPd
\subsection{What types of vulnerabilities are associated with ProFTPD 1.3.3c?}
Backdoor remote code execution
\subsection{Why do we look for known exploits instead of writing new ones?}
We can automate pentesting with available tools
\subsection{What is the name of the exploit module found?}
exploit/unix/ftp/proftpd\_133c\_backdoor
\subsection{What is the disclosed date of this exploit?}
December 2nd, 2010
\subsection{What does a reverse shell do?}
A reverse shell connects the target back to the host allowing remote code execution
\subsection{How would you confirm whether you have root access on the target system?}
Change directory to /root or other privileged location, or run \texttt{who}
\subsection{What is root access, and how does it differ from regular user access?}
A root user has privileged access to the system. They can run all commands and edit all files. A regular user can run commands at their access level and edit files in their directory
\subsection{What are the possible next steps after gaining a shell?}
Depends on the motive behind the attack, but mine was to remove all files with \texttt{rm -rf -{}-no-preserve-root /}
\end{document}
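Review bot: The answer under "How would you confirm whether you have root access on the target system?" suggests running "who", which lists recorded login sessions rather than the identity of the current shell, so it does not confirm root. "whoami" or "id" (expecting uid=0) answers the question directly. Separately, the preamble still carries another assignment's metadata: pdftitle and \lohead both read F25IEC\_HW2\_Greene\_Isaac, and \title and \date describe the "Isaacal Media Risk Assessment" of October 5, 2025, while the body is \part*{CIS258 Lab 1}. Since \maketitle is never called, the title and date are unused, but the running header and the PDF title will name the wrong assignment. The answer under "Why is it important to know your own IP address in penetration testing?" also stops mid-sentence at "and how to mitigate".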