OWASP Top 10

05 Feb 2020 in TryHackMe

Learn about and exploit each of the OWASP Top 10 vulnerabilities. most critical web security risks.

Task 5: [Severity 1] Command Injection Practical

What strange text file is in the website root directory?

What strange text file is in the website root directory?

Answer: The root directory of the website is /var/www/html .we can put ls command and it will return list of files present in the root directory.we can get to know the name of the strange text file.

ls

How many non-root/non-service/non-daemon users are there?

Answer:

ls /home

What user is this app running as?

whoami

What is the user’s shell set as?

cat /etc/passwd

What version of Ubuntu is running?

lsb_release -a

Print out the MOTD. What favorite beverage is shown?

cat /etc/update-mot.d/00-header