Penetration Testing with Kali Linux OffSec
sudo ./chmodfix +x /usr/bin/chmod
|
|
sudo ./chmodfix +x /usr/bin/chmod
[sudo] password for kali: Listing 24 - Yo dawg, I heard you like chmod, so I chmod +x your chmod. This worked. It may be too early to call ourselves “hackers”. However, finding unique ways to gain permissions unintended by a particular system is at the core of cyber security. This quick example offers a solid start. 162 (Aruchamy, 2021), https://www.baeldung.com/linux/sudo-command Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 75 4.4.4 Analyzing this Approach If much of the preceding example was new to you, congratulations! You’ve survived your first bit of cyber security training. Remember, the actual solutions and commands aren’t as important as understanding (for now) how this material was taught. Although we covered an admittedly simple section from our written training, let’s take a moment to examine how we taught this material. We’ll highlight a few things in particular: 1. Using the demonstration method 2. Learning by doing 3. The skill, not the tool 4. Interleaving 5. Expecting the unexpected Let’s quickly explore each of these. The demonstration method is used specifically in the tone and voice of the example covered, but also in the series of actions that we follow. We don’t skip steps, including verifying whether our solutions worked. Notably, we encounter a “problem” (not being able to execute our script) almost immediately, which represents the real-world, day-to-day experience of students after the course has ended. Research also supports problem solving as a very effective learning strategy both for engagement and retention. 163 This problem-solving approach is used throughout Modules very intentionally. One way learners can take advantage of this is by trying to predict outcomes. We might, for example, try to guess what the next step will be in solving a problem. If we are surprised that the course material goes in another direction, and if we’re curious, we can always try our solution! This is a great way to follow the material, but let’s consider something little more direct and practical. Learning by doing is an area where students can take learning into their own hands and accelerate their own growth. The best way to do this is to follow along. We can acknowledge that in the case presented in this Module, it would have been difficult to follow along manually. Normally, a Module will include at least one virtual machine that is specifically set up to allow learners to follow the accompanying text. In this case, we would have used a Linux machine with our find_employee_names.py script on it. Let’s discuss where and how to follow along by focusing on the code presented in the Module. A keen student may have noticed that all of the code chunks use a similar style of formatting. Let’s review one quickly: kali@kali:~$ Yüklə Dostları ilə paylaş:
|