Network Security Compliance - Intern Penetration Engineer Interview Record

Interview process

We set off at 9:00 in the morning. The lady from the company's administration department had told us the interview was at 11:30, but at 10:30 she sent a message saying that the others had already arrived and they were only waiting for the two of us, so the interview was being moved up. Is involution really this serious now?

I arrived at the company at 10:50, and my brother, who was with me, went in for the interview first. I sat outside and waited. It took about half an hour before he came out with a smile on his face. I don't remember the exact time; I was nervous.

When it was my turn, the lady from the administration department led me into an office where there were two interviewers. She had given my resume to the interviewers when I first arrived. The first thing was a self-introduction: in one minute, I roughly talked about my experience in school. I did pretty well at school; I can post my resume later. After the self-introduction, it was time for the interviewers to ask questions.

Interview questions

I am writing this article several hours after the interview, so I don't remember it very clearly. The questions below are not in the order they were asked.

1. What was the SRC report you submitted on Vulnerability Box about?

I submitted a vulnerability in the Tongda OA of a company in Zhengzhou.

2. To be more specific about the OA, what was it about?

This company's Tongda OA is the 2017 version. Testing showed a getshell and, under certain conditions, login as any user (the interviewer laughed out loud at the time).

3. It is written on your resume that you participated in the HVV operation, so what did you do in it?

During the HVV operation, our role was the blue team. Our main job was to audit the school's website, and if we found a vulnerability, we would submit a report to the school administrator to fix it, and then trace the traffic source. The interviewer was going to ask me about traffic tracing, but my brother had just been asked this question in his interview, so he didn't ask it again.

What's interesting is that in the last network protection operation, our school's Tongda OA system was developed by their company, which caused them to keep laughing when I mentioned Tongda OA later.

4. Briefly, what types of SQL injection are there?

Blind injection, error-based injection, wide-byte injection. I was so flustered at the time that I forgot a lot.

5. Have you used any SQL injection tools?

sqlmap

6. Is there any other method of SQL injection besides GET and POST?

I didn't answer this question, which is related to the types of SQL injection above. The interviewer said that there is SQL injection wherever there is data submitted to the server.

7. Why does the website have SQL injection vulnerabilities?

If developers take the lazy route and build the SQL statement by splicing in parameters, single quotes can be used to close the SQL statement.
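The answers to questions 6 and 7 can be seen side by side in a small added example (not part of the original post): a value taken from a Cookie header, rather than a GET or POST parameter, is spliced into the SQL text in one lookup and bound as a parameter in the other. The table, the `session=` cookie format, the function names and the use of SQLite are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: two session tokens mapped to usernames."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sessions (token TEXT, username TEXT)")
    db.executemany("INSERT INTO sessions VALUES (?, ?)",
                   [("tok-alice", "alice"), ("tok-bob", "bob")])
    return db

def session_token(headers):
    """Value of a 'Cookie: session=<value>' header (hypothetical format)."""
    return headers.get("Cookie", "").partition("session=")[2]

def lookup_spliced(db, headers):
    """Weak form: the header value becomes part of the SQL text itself."""
    sql = ("SELECT username FROM sessions WHERE token = '"
           + session_token(headers) + "'")
    try:
        return sorted(row[0] for row in db.execute(sql))
    except sqlite3.OperationalError:
        return "sql-error"  # the quote broke the statement's syntax

def lookup_bound(db, headers):
    """Corrected form: the value is bound and is only ever treated as data."""
    sql = "SELECT username FROM sessions WHERE token = ?"
    return sorted(row[0] for row in db.execute(sql, (session_token(headers),)))

# Constructed request headers, not captured traffic.
SAMPLES = {
    "normal": {"Cookie": "session=tok-alice"},
    "stray quote": {"Cookie": "session=tok-a'lice"},
    "quote closes string": {"Cookie": "session=x' OR '1'='1"},
}

def compare():
    """Run every sample through both lookups: name -> (spliced, bound)."""
    db = make_db()
    return {name: (lookup_spliced(db, h), lookup_bound(db, h))
            for name, h in SAMPLES.items()}

if __name__ == "__main__":
    for name, (spliced, bound) in compare().items():
        print(f"{name:20} spliced={spliced!r} bound={bound!r}")
```

The spliced lookup either errors out or returns every row once a quote appears in the header, while the bound lookup returns nothing for both malformed values.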

8. Have you ever learned about XSS vulnerabilities?

Yes, I have. It works by closing a JavaScript statement, which is similar to SQL injection. Through this vulnerability, things such as malicious code being planted on a website, page redirection, and cookie theft can be achieved.

9. What types of XSS vulnerabilities are there?

Stored and reflected. Actually, I don't know much about this; at the time, I only thought of these two. In fact, there is also the DOM type.

10. Which function or method does the XSS vulnerability use to steal cookies?

I really haven't done much with XSS vulnerabilities, and I didn't answer at the time. The function used here is document.cookie.

11. How well do you learn PHP?

I said at the time that I could only read the code, not develop in it; I had only used it to write deserialization vulnerability PoCs. The interviewer expressed disbelief that someone who could write a deserialization PoC could only read code, but I really don't know much about PHP.

12. What conditions need to be met for deserialization in PHP to be used?

I didn't even answer that...

I had been researching this for a long time. At the time, I only said that there is an unserialize() function and a magic function, but I couldn't say what the magic function was. In fact, it is the __wakeup() function. I just hadn't reviewed this part, even though I clearly took notes.

13. How well do you know Python?

I'm a bit better at Python. That's the truth, compared to PHP...

14. What have you done with Python?

I have written a C-segment address scanner and automatic sign-in scripts, and developed some websites with Django.

15. How many lines of code have you written in Python?

More than 300 lines. In fact, the code I actually wrote is far more than that. This is the amount of code for some small scripts.

16. I see you have participated in the Qi Anxin Cup. What exactly is it?

An offline AWD competition.

17. Briefly tell me what your task was in the competition.

Actually, I went off track here and accidentally described the usual Bugku AWD competition mode instead.

The first 15 minutes are for defense, that is, deploying a WAF and fixing the vulnerabilities on your own target machine. In the later attack stage, you attack others through the vulnerabilities found on your own target machine, because the target machines are all the same, and you can also intercept attacks with the WAF and imitate them. The interviewer laughed again when I mentioned this, saying that this is all routine and they did it the same way when they were students.

18. Your resume says you participated in a teacher's automated operations and maintenance research project. What did you do specifically?

Automatically configuring network devices and servers through Python scripts.

19. Tell me which modules are used in Python scripts for automated operations and maintenance.

I couldn't fully remember the name, so the interviewer asked me for the first letter. I said p, which is paramiko, but I didn't use it at all when I was working on this project...

I was using netmiko, which is almost unstoppable. Fortunately, paramiko can indeed implement SSH.

20. According to your resume, you can use Linux and Windows Server to configure various services. Which services can you configure?

On Windows Server I can configure some basic services, and on Linux I can configure a lot. I forgot what I said.

21. You won first prize in the school's server construction and operations and maintenance competition. What were the specific competition content and scoring criteria?

It covered the five basic services of Windows and Linux. The scoring criteria give specific requirements, and you earn points by building according to those requirements.

22. Have you ever learned about vulnerabilities in middleware, such as Apache?

This question stumped me again. It just happened that I didn't understand it at all. In fact, I had seen this kind of thing before, but I forgot it at the time, so I could only honestly say that I didn't understand it.

23. How is a file upload vulnerability exploited?

The upload is achieved by modifying the file suffix and the file type in the data packet. The interviewer really only mentioned this in passing and did not ask further.

24. How do you bypass a WAF for SQL injection?

Bypassing **** by double writing and commenting. After the interview, I thought of a lot of methods, but I was just too nervous at the time.

25. Have you learned about the differences between SQL Server and MySQL?

This one stumped me too. At the time, I replied that the comment syntax is different. I really haven't used SQL Server much.

26. Have you ever used Burp Suite?

I have used Burp Suite for packet capture and brute forcing.

27. Do you know the brute-force modes?

Another question that stumped me. I have only ever used the mode that brute-forces a single parameter.

The next part was small talk: they asked about my career plan, whether I have brothers and sisters, who is in my family, where I live now, and so on. After that came the part where I could ask questions, and I asked two. The issue of salary will not be written here.

Will there be training after onboarding?

Yes, there will be training in the first two months of the internship period, such as code audit, the penetration testing process, basic vulnerability exploitation, etc. I can't remember the details.

How are working hours arranged?

Nine to five, five days a week.

Summary

The interview ended here, and the rest is to go back to school and wait for text messages and phone calls. This interview revealed many of my shortcomings, and I have to keep studying.

I am very satisfied with the company I interviewed with this time. Whether it is the working atmosphere, working hours or salary, they all perfectly meet my needs. The main reason is that there is no 996.

Origin blog.csdn.net/Arvin_FH/article/details/131470085