Submission for core team selection, Sys. Admin & Infosec club, IIT Mandi

Each of the 4 tasks has a readme.md file in its folder. I tried to be as exhaustive with the descriptions as i could (as requested !). All the other files involved are also present in the folders.

Note : I was working on MacOS, so most of the shell/terminal commands are the ones available on Unix/Linux (and shell script is bash). I guess that there would be equivalents for windows also.

Note after making this repo public :

The original questions are at https://github.com/KamandPrompt/saic-test-2021/

For reference I've copied them into the remaining part of this file

Since you will be in charge of a public facing server you need to know how to protect a server and in order to protect a server you must first learn how attacks generally work. A drive link containing a hackme.ova file is provided to you. This file can be imported into a Virtual Box. When run as guest, it will act as a remote server hosting a site on it's own local host which can be seen on your host localhost. You have to get inside this server by exploiting any vulnerability that you find.

Report your findings and method.

You will find the key once you have reached the desired level of privilege( not root ).

Use of tools like metasploit is discouraged.

• Any kinds of scripts used.
• Information about the tools used.
• List all the things you learnt from this task.

• Scans for all the open ports on the ip address.

• Finds the geographical location of the ip address.

• Finds all the information about the domain pointing to that ip address (if domain provided).

• The kind of services hosted by the ip and their status

• Any other important detail that you can extract with an explanation to why it's important.

• This script has to record all these details in a file format(.txt or any other) and send them over mail to the user periodically.

You can use any language you like for the script. But keep in mind that an answer having an excessive use of libraries will always be inferior to a solution using lesser libraries. Also the quality and details of the formated output will be considered.

• The script file.
• Documentation of how the script works.
• A working demo using screenshots or recordings if possible.
• List all the things you learnt from this task.

Your job is to create a docker container on your personal device. Now clone the following site into the container and run them inside that container. Map the ports for the container such that both the sites are up and running on 127.0.0.1(localhost) of your host OS's browser using the mapped ports.

Then you have to export this docker container in form of an image and upload it as a public image on docker-hub after signing up for a free account. Therefore, anyone from any part of the world should be able to download and run your image with the simple command.

docker run <flags> <username>/<image_name>

and have the 2 sites running on any 2 available ports.

Note - the complete list of commands needs to be submitted along with all the necessary flags and user info.

https://github.com/KamandPrompt/SAIC-Website

https://github.com/KamandPrompt/kamandprompt.github.io

• Commands used.
• List all the things you learnt from this task.

Your task is to write a script that is able to detect whether a repository has changed on a remote branch. If so, then the script must auto-pull the changes into the local repository's pre-determined branch. BONUS MARKS - You need to redeploy/restart the pulled application on the local( for non-static sites this important ). You can do it for any web site involving a backend like django, flask , express etc.

• The script file.
• Documentation of how the script works.
• A working demo using screenshots or recordings if possible.
• List all the things you learnt from this task.