Tasks
Last updated
Was this helpful?
Last updated
Was this helpful?
Perform a port and service discovery scan using Nmap on the website www.moviescope.com. Enter the IP address of the machine hosting .
10.10.1.19
Perform a scan using Nmap on the website www.moviescope.com. Enter the name of the DNS server hosting the domain name for .
Server2019
Perform banner grabbing using Telnet on the website www.moviescope.com to identify the make, model, and version of the target web-server software. Identify the server-side application used to develop the web pages.
ASP.NET
Use the WhatWeb tool to perform website footprinting on the website www.moviescope.com. Enter the Meta-Author name.
EC-Council
Use the WhatWeb tool to perform website footprinting on the website www.moviescope.com. Enter the version number of the ASP.NET server-side application used to develop the web pages.
4.0.30319
Perform web spidering on the www.moviescope.com website using OWASP ZAP. Enter the name of the tab on the OWASP ZAP application that allows you to view detailed information regarding the URLs obtained while performing web spidering.
Spider
Use the dig command to detect the load balancers on the website www.yahoo.com. Enter YES if load balancers are used or NO otherwise.
YES
Use the lbd tool to detect the load balancers on the website www.yahoo.com. Identify the type of load balancing detected on the website (DNS load balancing or HTTP load balancing).
DNS load balancing
Use the Gobuster tool to identify web-server directories on the website www.moviescope.com. Find the number of web-server directories exposed to the Internet.
7
Use Nmap, Gobuster and Dirsearch tools to identify web server directories on the target website. Enter the option that is used to specify the extension of the file while performing directory bruteforcing on a specific file extension using dirsearch in this task.
Use Nmap, Gobuster and Dirsearch tools to identify web server directories on the target website. Enter the option that is used to specify exclude status code while performing directory bruteforcing on a specific file extension using dirsearch in this task.
-x
Discover vulnerabilities in the target web application (http://10.10.1.22:8080/dvwa) hosted on Windows Server 2022 using Vega. Enter the port number on which DVWA is hosted .
8080
Use ClickjackPoc to identify any clickjacking vulnerability in the website www.moviescope.com hosted by the Windows Server 2019 machine. Enter YES if the website is vulnerable to clickjacking or NO otherwise.
YES
Identify a clickjacking vulnerability using ClickjackPoc on http://www.moviescope.com. Enter the option that is used to specify the file which contains domain names for scanning.
-f
Perform a brute-force attack on the WordPress website (http://10.10.1.22:8080/CEH) using Burp Suite. Enter the username/password obtained. Note: username and password files are available at /home/attacker/Desktop/CEHv12 Module 14 Hacking Web Applications/Wordlist.
admin/qwerty@123
Use Burp Suite to perform parameter tampering on the website www.moviescope.com. Enter the first name of the user associated with the user account ID=2.
john
Use Burp Suite to perform parameter tampering on the website www.moviescope.com. Enter the date of birth of the user associated with the user account ID=4.
20-05-1983
Use the PwnXSS tool to scan the target website for cross-site scripting (XSS) vulnerability. Enter the target url that was used in this task for the scan.
Use the PwnXSS tool to scan the target website for cross-site scripting (XSS) vulnerability. Enter the option that is used to specify the target url while performing the scan.
-u
Perform parameter tampering on the target web application (www.moviescope.com). Enter the first name of the user associated with the user account ID=4.
steve
Perform parameter tampering on the target web application (www.moviescope.com). Enter the profile ID of kety.
3
Use the WPScan tool to perform a cross-site request forgery (CSRF) attack on a WordPress website (http://10.10.1.22:8080/CEH). Enter the version of the leenkme plugin installed on the WordPress website. Note: use the credentials admin/qwerty@123 to log in to the WordPress website. You need to exploit the leenkme plugin to perform a CSRF attack.
2.5.0
Use the WPScan tool to enumerate usernames on a WordPress website (http://10.10.1.22:8080/CEH). Enter the username obtained.
admin
Use the Metasploit tool to perform a dictionary attack against the web application http://10.10.1.22:8080/CEH and crack the password for the identified username. Enter the cracked password. Note: the password file is available at /home/attacker/Desktop/CEHv12 Module 14 Hacking Web Applications.
qwerty@123
Perform command-line execution on a vulnerability found in the DVWA web application (http://10.10.1.22:8080/dvwa/login.php). Enter the hostname of the Windows Server 2022 system. Note: the DVWA login credentials are gordonb/abc123.
Server2022
Perform command-line execution on a vulnerability found in the DVWA web application (http://10.10.1.22:8080/dvwa/login.php). Enter the number of directories found in the C drive of the Windows Server 2022 system.
8
Exploit a file upload vulnerability at low security levels of DVWA (http://10.10.1.22:8080/dvwa/login.php) using Metasploit. Enter the name of the Windows Server 2022 machine.
SERVER2022
Gain backdoor access by exploiting Log4j vulnerability on an application installed in Ubuntu machine. What is the port number on which the netcat listener was setup in Parrot Security machine in this task?
9001
Detect web application vulnerabilities using N-Stalker Web Application Security Scanner. Flag submission is not required for this task, enter "No flag" as the answer.
No flag