Google Dorking Room walkthrough - TryHackMe!

-
google dorking

Task 2 - Let’s learn about crawlers

  1. Name the key term of what a “Crawler” is used to do
	Index
  1. What is the name of the technique that “Search Engines” use to retrieve this information about websites?
	crawling
  1. What is an example of the type of contents that could be gathered from a website?
	keywords

Task 4 - Enter: Search Engine Optimisations

  1. Where would “robots.txt” be located on the domain “ablog.com
	ablog.com/robots.txt
  1. If a website was to have a sitemap, where would that be located?
	/sitemap.xml
  1. How would we only allow “Bingbot” to index the website?
	user-agent:Bingbot
  1. How would we prevent a “Crawler” from indexing the directory “/dont-index-me/”?
	Disallow:/dont-index-me/
  1. What is the extension of a Unix/Linux system configuration file that we might want to hide from “Crawlers”?
	.conf

Task 5 - Sitemaps

  1. What is the typical file structure of a “Sitemap”?
	xml
  1. What real life example can “Sitemaps” be compared to?
	map
  1. Name the keyword for the path taken for content on a website
	route

Task 6 - What is Google Dorking?

  1. What would be the format used to query the site bbc.co.uk about flood defences
	site bbc.co.uk flood
  1. What term would you use to search by file type?
	filetype:
  1. What term can we use to look for login pages?
	intitle: login

Popular posts from this blog

Mustacchio - TryHackMe

-
Image
thm What we can learn from this machine : XXE injection Enumerations SUID exploit let’s start with a nmap scan. normal nmap scan found port 80 webserver called Mustacchio and port 22 ssh open running ubuntu. I try to running a full nmap scan for see more ports are open above the port 1000. # Nmap 7.91 scan initiated Sat Jun 12 14:57:25 2021 as: nmap -sC -sV -p- -oN scans/nmap-allports 10.10.236.36 Nmap scan report for 10.10.236.36 Host is up (0.15s latency). Not shown: 65532 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 d3:9e:50:66:5f:27:a0:60:a7:e8:8b:cb:a9:2a:f0:19 (RSA) | 256 5f:98:f4:5d:dc:a1:ee:01:3e:91:65:0a:80:52:de:ef (ECDSA) |_ 256 5e:17:6e:cd:44:35:a8:0b:46:18:cb:00:8d:49:b3:f6 (ED25519) 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) | http-robots.txt: 1 disallowed entry |_/ |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-t...
Read more

Tech_Supp0rt: 1 - TryHackMe

-
Image
Welcome file Welcome to another CTF-writeup !! Tech_support:1 by vikaran. What we can learn from this machine. nmap scan , smbmap etc. (enumeration skills) subrion cms 4.2.1 RCE iconv sudo permission to overwritten files and read the files Let’s start with enumeration. First with nmap to see what port we have in the box. Nmap scan ┌── ( defalt@kali ) - [ ~/Documents/tryhackme/Tech_Supp0rt:1 ] └─$ nmap -sC -sV 10.10.168.200 Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-15 21:29 PDT Nmap scan report for 10.10.168.20 Host is up ( 0.37s latency ) . Not shown: 996 closed tcp ports ( conn-refused ) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 ( Ubuntu Linux ; protocol 2.0 ) | ssh-hostkey: | 2048 10:8a:f5:72:d7:f9:7e:14:a5:c5:4f:9e:97:8b:3d:58 ( RSA ) | 256 7f:10:f5:57:41:3c:71:db:b5:5b:db:75:c9:76:30:5c ( ECDSA ) | _ 256 6b:4c:23:50:6f:36:00:7c:a6:7c:11:73:c1:a8:60:0c ( ED25519 ) 80/tcp open http Apache ht...
Read more

Nmap - TryHackMe!

-
Image
nmap Task 2 What networking constructs are used to direct traffic to the right application on a server? ports How many of these are available on any network-enabled computer? 65535 [Research] How many of these are considered “well-known”? (These are the “standard” numbers mentioned in the task)? 1024 Task 3 What is the first switch listed in the help menu for a ‘Syn Scan’ (more on this later!)? -sS Which switch would you use for a “UDP scan”? -sU If you wanted to detect which operating system the target is running on, which switch would you use? -O Nmap provides a switch to detect the version of the services running on the target. What is this switch? -sV The default output provided by nmap often does not provide enough information for a pentester. How would you increase the verbosity? -v Verbosity level one is good, but verbosity level two is better! How would you set the verbosity level to two? (Note: it’s highly advisable to a...
Read more