Students of Cicada information security training know that we are driven by the needs of enterprises and take the initiative to cultivate professional skills and professional quality, to help you complete the transition from college to the workplace. In fact, when students look for jobs, the teacher also provides interview counseling and resume optimization.

Today, I will share with you the interview questions that a classmate met in an interview for a penetration test engineer position.

**Interviewing company:** Chengdu Certain Information Technology Co., LTD

**Interview position:** Penetration Test Engineer

**Salary:** 8-12, two days off

**Interview process:** I submitted my resume on the morning of the first day, received an interview invitation in the afternoon, and had the interview on the second day. There was only one interview, but it took a long time to receive the offer, about two weeks.

Interviewer’s questions:

1. Why don’t you introduce yourself first

This is usually the first question every interviewer asks. It is best to build the self-introduction around your own strengths, professional knowledge and characteristics.

2. Tell us what you know about Web vulnerabilities

I just talked about the Top 10, and also briefly described what I learned in the college and the actual projects.

3. What vulnerabilities do you encounter most in SRC vulnerability hunting

SQL injection, XSS, unauthorized access (privilege overreach) and some weak passwords

4. How many types of SQL injection are there

Error-based injection and blind injection; the college teaches all of these, so just list them all.

5. Talk more about SQL injection

Explain the principle, then walk through the process from first identifying the injection point to finally obtaining the database name, and which method is used; saying that is enough.

6. How many types of XSS are there

Reflected, stored and DOM-based; it is good to describe the characteristics of each.

7. Is XSS useful for anything other than getting cookies

I could not come up with an answer to this at the time; I searched online afterwards and found that it has many other uses. (Don't be afraid to make mistakes during the interview if you don't know the answer. Find the answer after the interview so the same thing does not happen in the next interview.)

8. Talk about the penetration testing process

Information collection, function point search, vulnerability testing, vulnerability analysis, vulnerability exploitation.

9. Talk about information collection

Whois, fingerprinting, sensitive directories, subdomains, ports, and some side sites (other sites on the same server)

(I was a little confused and didn’t answer very well)

10. I see your resume mentions intranet penetration; talk about it briefly

I told him everything I was taught, from webshell acquisition, privilege escalation, port forwarding, to domain penetration

11. After acquiring the shell, how did you escalate privileges

Get the shell, connect with China Chopper (the "kitchen knife" webshell client), open the terminal, and first run whoami to check the current permissions.

If permissions are low, try a Rotten Potato privilege escalation, or use systeminfo to see what patches are in place and then find the corresponding exp

12. How to obtain a shell from a database

You can write a one-line webshell to a file to get the shell, or you can get the shell by writing to a log

13. Have you been in contact with the database

I know the MySQL database, including MOF and UDF.

At the time I only mentioned these two; there should be some other ways to escalate privileges, which you can look up on the Internet

14. After entering the intranet, how do you maintain access

You can leave a backdoor on an intranet machine, but it has to be made to evade antivirus detection.

If you take down the domain controller host, you can make a golden ticket to control it

15. Talk about golden tickets

The Cicada Hall teacher also covered this in class, so I won't go into detail here

16. Talk about APP penetration

Web-level vulnerabilities can also be found in the APP, through packet capture and data analysis; the APK can also be reverse engineered to obtain the source code for analysis

17. If you can't capture packets, what is the reason

It is possible that the proxy is not set up properly, or that HTTP is not used

18. Talk about HTTP two-way authentication

I won't elaborate on this; there is a lot of material about it online

19. Do you know APT

Well, I have read some articles about this, but I have not had any contact with it

**Interview result:** passed

**Interview difficulty:** Medium (personal feeling)

Interview experience:

During the interview, I was a little nervous and didn't perform well. I didn't answer some questions in time. I didn't have a solid foundation and didn't answer some questions calmly.

Interview tips for everyone:

The basics are very important. Dig more on SRCs to gain practical experience. Stay calm during the interview and don't be nervous. If you thoroughly understand the course content, the interview is basically secure. The interviewer will mostly ask about what is written on your resume, so don't write down things you can't do, otherwise it will be very embarrassing.