Hi everyone.
I’ve started learning security at HTB academy for a few weeks and currently stuck at window security topic question.
The question is “What non-standard application is running under the current user?” but i don’t know what exactly the “non-standard application” means.
I’ve googled but didn’t find any result.
Can you guys explain this concept for me?
Thank you in advance.
In general it means an application that doesn’t come with a normal install of windows (IMHO).
For example, notepad is a standard windows application. Notepad++ isn’t (although it is very common and probably installed so often you’d consider it standard).
Then if you find IrfanView running, it clearly isn’t standard.
@TazWake Thank you for your answer. It’s very clear explanation.
Thank’s for suggestion
I’m stuck, can’t find it. I’ll have to actually learn shell to get this answer naturally.
With Windows if you run:
Get-Process | select-object Processname, id
or powershell -c get-process | select-object Processname, id
it will list the processes that is on the machine.
Filter through them to see what sticks out
I don’t know why but for some reason I am struggling with this… I saw the hint and this post, and I was thinking its Foxit Reader Update Service but it is not… Any extra hints for me please?
Type your comment> @acidbat said:
With Windows if you run:
Get-Process | select-object Processname, id
orpowershell -c get-process | select-object Processname, id
it will list the processes that is on the machine.
Filter through them to see what sticks out
from cli tasklist
will work too. Depending on what type of shell you have and have access too.
There are some pretty decent courses on Udemy that cover windows but if you’re just starting out HTB / tryhackme have a lot of very good information to soak up.
When you reach the end of those check out other resources. Books/Udemy blah blah.
Oh… and look up winpeas
Type your comment> @PrivacyMonk3y said:
Type your comment> @acidbat said:
With Windows if you run:
Get-Process | select-object Processname, id
orpowershell -c get-process | select-object Processname, id
it will list the processes that is on the machine.
Filter through them to see what sticks outfrom cli
tasklist
will work too. Depending on what type of shell you have and have access too.There are some pretty decent courses on Udemy that cover windows but if you’re just starting out HTB / tryhackme have a lot of very good information to soak up.
When you reach the end of those check out other resources. Books/Udemy blah blah.
Oh… and look up winpeas
Ah yes tasklist
is good
I don’t know why, but NordVPN and Foxit Reader aren’t pre-installed right?
Hi! I’m still stuck at this question. I’ve been trying almost all of the services listed in tasklist either with .exe or not) and and still have not find it. Any help please…? This is getting frustrating. Nothing that stands out work.
Type your comment> @hajdarevicedin said:
I don’t know why, but NordVPN and Foxit Reader aren’t pre-installed right?
Just looking over my time on this machine, the fox is the right way to go. Just need to get the name right…
on a side note; I do find Academy good but equally frustrating because of the case sensitive
answers
name of the service EXEcutable
That moment when you realize that you have been missing file extension all time long…
I tried everythings possibile… lol the last question in this module, i copied and pasted the name, with the file extension, but nothing i really don’t understand. This question is present 2 time, the first time everything ok, but second one none… Pls help me lol
Type your comment> @lilith39 said:
I tried everythings possibile… lol the last question in this module, i copied and pasted the name, with the file extension, but nothing i really don’t understand. This question is present 2 time, the first time everything ok, but second one none… Pls help me lol
la respuesta tiene que estar completa con la extensión.
Type your comment> @NautiluScorp said:
Type your comment> @lilith39 said:
I tried everythings possibile… lol the last question in this module, i copied and pasted the name, with the file extension, but nothing i really don’t understand. This question is present 2 time, the first time everything ok, but second one none… Pls help me lol
la respuesta tiene que estar completa con la extensión.
I know, alredy done it, but nothing.
hello everyone, tip, don’t forget .exe and also look for an update service not built into windows
Hi @Rainbowolf77 i try with the .exe or EXE extention and also with the name of UpdateService for FoxitReader but not work for me; what may be failing.