Identify one of the services/ports that you enumerated on the MS2 box and exploit it to obtain a shell on the machine. Any of the vulnerable services are fair game, provided you get a shell. Rather than taking screenshots, please provide me with a THOROUGH explanation of what you would do and the commands you would use. and include evidence of the whoami and pwd commands
Q: Explain the following concepts: (a) intranet and extranet
A: Intranet: Intranet is basically termed as the private network that is contained in any particular…
Q: What are the main differences between Groovy and Java?
A: Intro Groovy and Java 1) Groovy is an object-oriented programming language to develop applications…
Q: What are the similarities and differences between Round Robin Scheduling and First Come, First…
A: Introduction: What are the similarities and differences between Round Robin Scheduling and First…
Q: A function included within a procedural program _____. a. is always a named method b. should be…
A: - We need to talk about a function within a procedural program. - The options :: First option…
Q: What is the difference between shaping and planning?
A:
Q: What exactly is an auto keyword in C?
A: Intro In the C programming language, Auto is a storage class/keyword that is used to declare a local…
Q: Explain how the widespread usage of the World Wide Web has altered software systems and software…
A: Intro Before the widespread use of the web, users could only obtain software by physically visiting…
Q: Can someone explain how the output of this recusrsive function is 5? I find recursion difficult to…
A: Here when values of n becomes 0, it return value 20. Orelse the value will call itself ie recursion…
Q: Can someone explain how the output of this recursive function is 18? Recursion is confusing to me.…
A: The question is to find the reason: why the output of the given recursive function is 18. def R(n):…
Q: Is it true that in a normal organisational structure, information flows according to the information…
A: Introduction: Flows of Organizational Communication in the Workplace There are four possible routes…
Q: Choose one of the following themes and investigate it for your peers. A funnel chart plots data…
A: Start: Step 1: double-check the information sample. check the information before sampling Step 2:…
Q: heck (CRC) decode
A: Cyclic Redundancy Check (CRC): A cyclic redundancy check (CRC) is a mistake discovery algorithm that…
Q: What are the different parts of a typical Web application?
A: The following are the different components of a typical Web application: Client Side Database…
Q: Explain why a manager, such as Satoshi, should issue an authorization via the management role rather…
A: Introduction: Authorizations are given to roles in SQL. Consider an employee database in which a…
Q: What role does naming convention have in Python?
A: Intro What role does naming convention have in Python?
Q: Integration testing is unnecessary if each app is well tested." Please comment on this statement.
A: Find the required answer with explanation given as below :
Q: Which JavaScript expression references the first element in an HTML document that belongs to the…
A: Answer : Option (d) document.getElementsByClassName("sideBar")[0]
Q: (i) What actions are performed by the CPU when executing the instruction: PUSH EAX Answer: Decrement…
A: As per guidelines I can answer only first question. I hope you will understand. Thank You. Q(i)…
Q: If you're a Toyota analyst, compose a quick SWOT analysis including probable strengths, weaknesses,…
A: If you are a Toyota analyst, create a list of SWOT analyses highlighting prospective strengths,…
Q: Question 3 What is y after the following switch statement? 0; int y = 0; switch (x + 1){ int x = %3D…
A: Value of y after switch condition
Q: What is the significance of the difference between changeable and immutable values in the…
A: Intro The creation of a mutable object differs from that of an immutable object in that it can be…
Q: Take any product as an example. Apply the Water Fall Model (WFM) and explain each process. Arguments…
A: given: Provide a product example. Apply the Waterfall Model (WFM) and explain each step of the…
Q: What are the different types of access specifiers in Java?
A: Intro ACCESS SPECIFIERS:- Access specifiers in Java permit us to set the extension or visibility or…
Q: List five drawbacks of the modular class structure.
A: Modules means relating to the teaching of the courses at college or university in units. A modular…
Q: Explain what a consensus protocol is and how it solves an issue.
A: Introduction: Blockchain, a distributed decentralised network, is characterised by its immutability,…
Q: When shifting from on-premise servers to an IaaS architecture, what are some of the governance…
A: Introduction: Charity management use the infrastructure as a service (IaaS) delivery model to…
Q: The development of machine-independent software has been made possible thanks to languages like Java…
A: Developing software requires machine-executable programming languages: It is not a good idea to…
Q: Completing C and comprehending Java are examples of advanced material.
A: Intro Compiling is the process of transforming a high-level language into a low-level language.…
Q: If you're a Toyota analyst, compose a quick SWOT analysis including probable strengths, weaknesses,…
A: If you're a Toyota analyst, make a list of SWOT analyses highlighting possible strengths,…
Q: Explain how the widespread usage of the World Wide Web has altered software systems and software…
A: Before the widespread use of the web, users could only obtain software by physically visiting a…
Q: "Integration testing is futile," says your employer. Integration testing is unnecessary if each app…
A: Integratiоn: Integratiоn Testing is a kind of software testing in which individual modules are…
Q: Use words to describe the language defined by the regular expression (a|b)*a(a|b).
A: The given regular expression is : (a|b)*a(a|b)
Q: 2. This exercise is another variation on "instrumenting" the recursive Fi- bonacci program to better…
A:
Q: What options are there for safeguarding your PC from power surges?
A: Intro
Q: Suppose you have initialized a variable in your JavaScript program using this statement: let weight…
A: JavaScript JavaScript is a light-weight, web base, interpreted programming language. It is sometimes…
Q: Can someone explain how this recursive function output is 12? Recursion is hard for me
A: Thank you __________ print(R(0)) So here it will go to def R(n): So if 0>=5 false so it…
Q: A certain architecture is used to create all software applications. Explain the various…
A: Introduction: A certain architecture is used to build all software applications. Discuss the various…
Q: Component-based programming and the impact it has had on the market for software components are the…
A: Before understanding component-based programming, it is vital to grasp the definition of a…
Q: Computer science What are the benefits and drawbacks of assembly language? What distinguishes it…
A: Introduction: What are the benefits and drawbacks of assembly language? What distinguishes it from…
Q: Computer science List and describe the many types of search engines.
A: Introduction: Search engines assist users in finding and accessing information on the Internet.…
Q: What text features may a reader utilise to preview a document?
A: Introduction: Prepare yourself BEFORE reading any tough content. Spending a few minutes preparing…
Q: In the context of SoS design, how valuable is it to have an integrated user interface (UX)? There…
A: System of systems (SoS): In the context of a bigger, more complicated system, systems of systems…
Q: Is there a distinction between computer architecture and computer organization when it comes to…
A: Computer Architecture is the “What”. Computer Organization is the “How”. The system's architecture…
Q: The DNS is presented in great depth, from requests to authoritative and root servers through DNS…
A: Answer: DNS Works in following steps: Requesting Website Information is the first step:Let's go to…
Q: Extend the BNF in the answer bax below to include: 1. if-then-else-end statements (in addition to…
A: Here i am fill the blanks: =============================== 1.statement=if | while | assignment|…
Q: How do you make a step-by-step distribution diaphragm?
A: Diaphragms: Diaphragms are horizontal elements that convey earthquake forces to vertical lateral…
Q: 1-Write a programto set (bit- 15) and clear (bit-0) thatstored in memory locations form (01F0)Hto…
A: We need to write an assembly code to perform mentioned operations.
Q: Give a practical impact evaluation of cyber incidences and cost across the world. Country specific…
A: - We need to talk about the practical impact of cyber incidences and cost across the world.
Q: Explain three strategies for optimising audio files for the web in a nutshell.
A: Introduction: Basic sound editing is used to remove extraneous recording takes as well as artefacts…
Q: Understanding of social networking and its fundamental ideas Let's begin by clarifying what…
A: Social networking : A social network is a social structure of a group of social entertainers (people…
Step by step
Solved in 2 steps with 1 images
- This question relates to auditing command(s) that are ran on the MS2 VM.Use the auditing commands you have learned in class thus far to explore the MS2 VM.You should be currently logged into MS2 via SSH from the previous question to be able to answer this question. Based on the "TTY", how many "USERS" are on the MS2 vm, and "WHAT" are they doing?Penetration programming Modify the script so that it also works interactively. Specifically, if no hostname is given on the command line, the program should interactively ask for a hostname, starting port, and ending port with three separate prompts, and carry out its scan using those values. After scanning finishes, the program should loop to receive another set of values, stopping only when the user enters a blank host name. If this feature is implemented properly, it will also allow you to run the script in ’batch’ mode, by “piping in” a plain text file with the hostname on the first line, start port on the second, stop port on the third, and repeating for as many hosts as you wish to scan. For example, if a file named hosts_to_scan.txt contains a list of hosts and ports in the proper format, the program should now work as follows: cat hosts_to_scan.txt | ./portscanner.sh The timeout argument should still work in this case as well: cat hosts_to_scan.txt | ./portscanner.sh -t 3…Use setenforce to put SELinux in permissive mode. Now what does sestatus show about the current mode and the mode from the config file? Which mode is in effect? Which mode would be in effect if you rebooted the system? Take a screenshot showing the setenforce command and the output of sestatus.
- Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs. Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner? Options: A Implement rate limiting on the API. B Implement geoblocking on the WAF. C Implement OAuth 2.0 on the API. D Implement input validation on the API. if you could explain why you chose that correct choice, Id appreciate it. Thank you!penetration programming Modify the .sh script so that it also works interactively. Specifically, if no hostname is given on the command line, the program should interactively ask for a hostname, starting port, and ending port with three separate prompts, and carry out its scan using those values. After scanning finishes, the program should loop to receive another set of values, stopping only when the user enters a blank host name. If this feature is implemented properly, it will also allow you to run the script in ’batch’ mode, by “piping in” a plain text file with the hostname on the first line, start port on the second, stop port on the third, and repeating for as many hosts as you wish to scan. For example, if a file named hosts_to_scan.txt contains a list of hosts and ports in the proper format, the program should now work as follows: cat hosts_to_scan.txt | ./portscanner.sh The timeout argument should still work in this case as well: cat hosts_to_scan.txt | ./portscanner.sh -t 3…Use the Internet to research the installation and configuration process for the tripwire IDS on your Ubuntu Server Linux virtual machine. Next, install and configure the tripwire IDS on your Ubuntu Server Linux virtual machine using the default options. Following installation, use the tripwire --init command to create the tripwire database, and then use the tripwire --check command to analyze your system for possible security breaches based on file changes since the last tripwire database update.
- Some options in the User Accounts applet has a shield displayed beside them. What does this indicate? a. It indicates that those options cannot be used to modify existing user accounts. b. It indicates that a standard user account can use those options if required. c. It indicates that those options are restricted to administrative users. d. It indicates that a new user account can be created using those options.A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.) : A. Deploy a WAF. B. Use containers. C. Conduct input sanitization. D. Patch the OS E. Deploy a reverse proxy F. Deploy a SIEM. ~if you could explain why you chose that correct choice, Id appreciate it. Thank you!Create an executable script to automatically launch the VNC viewer and connect to the Linux server with SSH tunneling (hint: see lab 6, part 4). The script should automate any password entry so that no passwords will have to be entered when the script is executed. Demonstrate its use. (in fedora linux
- The proposal to send a boot ID along with a message ID for each remote procedure call is to: a) Allow the client to tell if it received a duplicate response to a remote procedure call. b) Enable the client to identify whether the response came from an alternate backup server. c) Allow the server to distinguish among messages coming from different clients. d) Avoid having the server think a message is a duplicate when it is not.Another Sys Admin oversaw deploying the LAMP stack for a new website. The components consist of Apache2 and MySQL. After deploying the website and notifying users of availability there has been a lot of support tickets for inaccessibility of the website. 400/404 Errors are appearing ‘Website unreachable’. How would you troubleshoot the error? Run the commands that would show you details on why the website may be unreachable (verify each component).If you look at the docker-compose.yml file, you will find the following entries for the malicious router container. What are the purposes of these entries? Please change their value to 1, and launch the attack again. Please describe and explain your observation.