Introductory Researching to Identify and Exploit the Vulnerabilities
The most crucial method or procedure in vulnerability analysis, bug hunting, and any other cyber security tasks is research. To extract the information from web sites like Google, ExploitDB, and others, we must utilise the right keys.
They give some more examples ,how to analyze and search with proper keywords.
The write-up is for the Tryhackeme room : https://tryhackme.com/room/introtoresearch
What is CVE ?
Common Vulnerabilities and Exposures, or CVE, is what it means. A dictionary that categorizes vulnerabilities is called CVE. The glossary assesses vulnerabilities, scores them using the Common Vulnerability Scoring System (CVSS), and then determines how dangerous they are.
How is a CVE named?
CVE names, also known as “CVE numbers,” “CVE-IDs,” and “CVEs,” are distinctive, widely used identifiers for known information security flaws.
CVE names might be “candidates” or “entry” names.MITRE corporation manage this CVE ID’s.
Tools used to Research the Vulnerabilities
To examine the commands and tool information, use the man command.
Netcat :-
A networking tool called Netcat uses the IP protocol family to read and write data through TCP and UDP connections.A potent tool for port scanning, banner capturing, and identifying unidentified services is Netcat. When sending the HTTP HEAD command with Netcat, you can specify the kind of Web server and its version.
Nano :-
A straightforward terminal-based text editor is GNU nano. It is simple to learn and use even if it is not as strong as Emacs or Vim. Nano is perfect for creating brief plain text files or for making minor adjustments to existing configuration files.
Fdisk :-
In Linux, the command disc, commonly referred to as format disc, is used to create and modify the disc partition table. The dialog-driven interface is used to examine, create, remove, modify, resize, copy, and transfer partitions on a hard disc.
SCP :-
In the Linux operating system, the scp (secure copy) command is used to transfer files securely between servers. Secure file transfer between a local host and a remote host or between two remote hosts is possible with the SCP command, also known as secure copy. It employs the same security and authentication measures as the Secure Shell (SSH) protocol. SCP is renowned for its availability, simplicity, and security.
Click and Read the day 4 write-up which in it I discussed the VPN Network
Try hackme Day 4 : https://medium.com/@gokulelango1040/virtual-private-network-anonymous-short-path-b017dfd5360f
It is a very short Write-up, But it may give some interesting information to you.Follow me for more.. Thank you !
