1. Task
Task1
Q: What does the acronym SQL stand for?
A: Structured Query Language
Task2
Q: What is one of the most common type of SQL vulnerabilities?
A: SQL Injection
Task3
Q: What is one of the most common type of SQL vulnerabilities?
A: A03:2021-Injection
Task4
Q: What does Nmap report as the service and version that are running on port 80 of the target?
A:Apache httpd 2.4.38 ((Debian))
Task5
Q: What is the standard port used for the HTTPS protocol?
A: 443
Task6
Q: What is a folder called in web-application terminology?
A: directory
Task7
Q: What is the HTTP response code is given for 'Not Found' errors?
A: 404
Task8
Q: Gobuster is one tool used to brute force directories on a webserver. What switch do we use with Gobuster to specify we're looking to discover directories, and not subdomains?
A: dir
Task9
Q: What single character can be used to comment out the rest of a line in MySQL?
A:#
Task10
Q: If user input is not handled carefully, it could be interpreted as a comment. Use a comment to login as admin without knowing the password. What is the first word on the webpage returned?
A: Congratulations
