\documentclass[12pt]{scrartcl}
\usepackage[T1]{fontenc}
\usepackage{tgpagella}
\usepackage{xcolor}
\usepackage{ulem}
\usepackage[head=24pt]{geometry}
\usepackage{scrlayer-scrpage}
\usepackage{setspace}
\usepackage{array}
\usepackage{graphicx}
\usepackage{hyperref}

\geometry{letterpaper}

\hypersetup{
    colorlinks=true,
    linkcolor=blue,
    filecolor=magenta,      
    urlcolor=isaac-red,
    pdftitle={F25IEC\_HW2\_Greene\_Isaac},
    pdfauthor={Isaac Greene},
    pdfpagemode=FullScreen
}
\urlstyle{same}


\definecolor{isaac-red}{HTML}{C52947}
\definecolor{isaac-blue}{HTML}{0E4385}

\clearpairofpagestyles

\setkomafont{subsubsection}{\usefont{T1}{qpl}{b}{n}}
\setkomafont{subsection}{\usefont{T1}{qpl}{m}{n}\large}
\setkomafont{section}{\usefont{T1}{qpl}{b}{n}\Large}
\setkomafont{part}{\usefont{T1}{qpl}{b}{n}\LARGE}

\setlength{\parindent}{12pt}
\setlength{\parskip}{0pt}
\doublespacing

\title{\Large Isaacal Media Risk Assessment}
\author{\normalsize Isaac Greene}
\date{\normalsize October 5, 2025}

\lohead{F25IEC\_HW2\_Greene\_Isaac}
\lofoot{\begin{spacing}{1}No AI used <\href{http://ig7.us/ai}{ig7.us/ai}>. Built with \LaTeX.\\Work available under the Esoteric Common License <\href{http://ig7.us/license}{ig7.us/license}>.\end{spacing}}
\ohead*{\pagemark}

\begin{document}
\part*{CIS258 Lab 1}

\section{Questions}
\subsection{What is your eth0 (Ethernet) IP address?}
\texttt{10.1.1.116} and \texttt{fe80::a00:27ff:fe51:ec05}
\subsection{Why is it important to know your own IP address in penetration testing?}
This way you can know what information a potential victim receives, and how to mitigate
\subsection{How many live hosts detected?}
Scanned 256 IP addresses, 26 hosts up
\subsection{Which ports are open on 10.1.1.134?}
Port 21 for File Transfer Protocol, port 22 for Secure Shell, and port 80 for HyperText Transfer Protocol
\subsection{Why do different hosts have different open ports?}
Different hosts are running different services
\subsection{What version of ProFTPD is running on the target machine?}
It is running version 1.3.3c
\subsection{What other services are running on this host?}
OpenSSH, and Apache HTTPd
\subsection{What types of vulnerabilities are associated with ProFTPD 1.3.3c?}
Backdoor remote code execution
\subsection{Why do we look for known exploits instead of writing new ones?}
We can automate pentesting with available tools
\subsection{What is the name of the exploit module found?}
exploit/unix/ftp/proftpd\_133c\_backdoor
\subsection{What is the disclosed date of this exploit?}
December 2nd, 2010
\subsection{What does a reverse shell do?}
A reverse shell connects the target back to the host allowing remote code execution
\subsection{How would you confirm whether you have root access on the target system?}
Change directory to /root or other privileged location, or run \texttt{who}
\subsection{What is root access, and how does it differ from regular user access?}
A root user has privileged access to the system. They can run all commands and edit all files. A regular user can run commands at their access level and edit files in their directory
\subsection{What are the possible next steps after gaining a shell?}
Depends on the motive behind the attack, but mine was to remove all files with \texttt{rm -rf -{}-no-preserve-root /}
\end{document}