Pennyworth
Initial Scan
Task 1
What does the acronym CVE stand for?
Answer: Common Vulnerabilities and Exposures
Task 2
What do the three letters in CIA, referring to the CIA triad in cybersecurity, stand for?
Answer: Confidentiality, Integrity, Availability
Task 3
What is the version of the service running on port 8080?
Answer: Jetty 9.4.39.v20210325
Task 4
What version of Jenkins is running on the target?
Answer: 2.289.1
Task 5
What type of script is accepted as input on the Jenkins Script Console?
Answer: Groovy
Task 6
What would the "String cmd" variable from the Groovy Script snippet be equal to if the Target VM was running Windows?
Answer: cmd.exe
Task 7
What is a different command than "ip a" we could use to display our network interfaces' information on Linux?
Answer: ifconfig
Task 8
What switch should we use with netcat for it to use UDP transport mode?
Answer: -u
Task 9
What is the term used to describe making a target host initiate a connection back to the attacker host?
Answer: reverse shell
Task 10
Submit Root Flag
Answer: 9cdfb439c7876e703e307864c9167a15
Last updated