TryHackMe | Search Skills | RSCyberTech
3 min readNov 2, 2024
➡️ By @RSCyberTech
- Website: RSCyberTech.com
- LinkedIn: linkedin.com/in/ricardoams
1️⃣ Task 1 — Introduction
- no answer needed
2️⃣ Task 2 — Evaluation of Search Results
What do you call a cryptographic method or product considered bogus or fraudulent?
Answer ✅
Snake oil
Justification / Source
- “In cryptography, snake oil is any cryptographic method or product considered to be bogus or fraudulent.”
- https://en.wikipedia.org/wiki/Snake_oil_(cryptography)#:~:text=In cryptography%2C snake oil is,in 19th century United States.
Steps
- Google search for “cryptographic method or product considered to be bogus or fraudulent”
What is the name of the command replacing netstat
in Linux systems?
Answer ✅
ss
Justification / Source
- “Formally,
ss
is the socket statistics command that replacesnetstat
.” - https://www.redhat.com/en/blog/ss-command#:~:text=Formally%2C ss is the socket,commands and their ss replacements.
Steps
- Google search for “name of the command replacing netstat in Linux systems”
3️⃣ Task 3 — Search Engines
How would you limit your Google search to PDF files containing the terms cyber warfare report?
Answer ✅
filetype:pdf cyber warfare report
Justification / Source
- Information present in the section’s text
Steps
- n/a
What phrase does the Linux command ss
stand for?
Answer ✅
socket statistics
Justification / Source
- “The ss (socket statistics) command is a powerful tool in Linux used for examining sockets.”
- https://www.sans.org/blog/linux-incident-response-using-ss-for-network-analysis/
Steps
- Google search for “ss command meaning”
4️⃣ Task 4 — Specialized Search Engines
What is the top country with lighttpd servers?
Answer ✅
United States
Justification / Source
Steps
- Searching for
httpd
on shodan.io - Looking at the
top countries
section on the left side menu
What does BitDefenderFalx detect the file with the hash 2de70ca737c1f4602517c555ddd54165432cf231ffc0e21fb2e23b9dd14e7fb4
as?
Answer ✅
Android.Riskware.Agent.LHH
Justification / Source
- “BitDefenderFalx Android.Riskware.Agent.LHH”
- https://www.virustotal.com/gui/file/2de70ca737c1f4602517c555ddd54165432cf231ffc0e21fb2e23b9dd14e7fb4
Steps
- Searching the provided hash in VirusTotal.com
- Looking at the
BitDefender
result
5️⃣ Task 5 — Vulnerabilities and Exploits
What utility does CVE-2024–3094 refer to?
Answer ✅
xz
Justification / Source
- “Malicious code was discovered in the upstream tarballs of xz”
- https://nvd.nist.gov/vuln/detail/CVE-2024-3094?ref=thestack.technology
Steps
- Google search for “CVE-2024–3094”
6️⃣ Task 6 — Technical Documentation
What does the Linux command cat
stand for?
Answer ✅
concatenate
Justification / Source
- “cat — concatenate files and print on the standard output”
- https://linux.die.net/man/1/cat
Steps
- Google search for “man cat”
What is the netstat
parameter in MS Windows that displays the executable associated with each active connection and listening port?
Answer ✅
-b
Justification / Source
- “-b — Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.”
- https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/netstat
Steps
- Google search for “netstat windows”
7️⃣ Task 7 — Social Media
You are hired to evaluate the security of a particular company. What is a popular social media website you would use to learn about the technical background of one of their employees?
Answer ✅
LinkedIn
Justification / Source
- n/a
Steps
- n/a
Continuing with the previous scenario, you are trying to find the answer to the secret question, “Which school did you go to as a child?”. What social media website would you consider checking to find the answer to such secret questions?
Answer ✅
Facebook
Justification / Source
- n/a
Steps
- n/a
8️⃣ Task 8 — Conclusion
No answer needed
➡️ By @RSCyberTech
- Website: RSCyberTech.com
- LinkedIn: linkedin.com/in/ricardoams