Update readme.md
HuskyHacks committed Apr 4, 2022
1 parent 787e660 commit 0b1dcb1
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions labs/1-3.Challenge-SillyPutty/answers/readme.md
Expand Up @@ -79,7 +79,7 @@ A: The port is 8443.

Q: What is the callback protocol at detonation?

A: The protocol is HTTPS/TLS. This can be identified in Wireshark by the initiation of a CLIENT HELLO message from the detonation to the specified domain.
A: The protocol is SSL/TLS. This can be identified in Wireshark by the initiation of a CLIENT HELLO message from the detonation to the specified domain.

---
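
Review bot: The new answer line says "SSL/TLS" while the later answer in this same file says "a proper TLS handshake", so the terminology is still inconsistent across answers; pick one term and use it in both places. Since the answer already points the reader at the CLIENT HELLO in Wireshark, it would also help to say that the protocol version is read from that message, so the reader can confirm the protocol from the capture. "The specified domain" is not named in this answer; referring back to the question that established it would make the answer stand on its own.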

Expand All @@ -91,6 +91,6 @@ A: This can be accomplished by filtering on the name of the binary and adding an

Q: Attempt to get the binary to initiate a shell on the localhost. Does a shell spawn? What is needed for a shell to spawn?

The shell does not spawn without a proper TLS handshake, so using a basic ncat listener on port 443 does not initiate a shell. The syntax of the PowerShell reverse shell requires TLS to complete the network transaction, so even if you use the `hosts` file and open up a listener on port 443 to catch the incoming shell, you cannot coerce the binary to connect unless you can also provide a valid SSL certificate.
A: The shell does not spawn without a proper TLS handshake, so using a basic ncat listener on port 8443 does not initiate a shell. The syntax of the PowerShell reverse shell requires TLS to complete the network transaction, so even if you use the `hosts` file and open up a listener on port 8443 to catch the incoming shell, you cannot coerce the binary to connect unless you can also provide a valid SSL certificate.

`Bonus:` the module used to spawn this reverse shell is available in Metasploit. Try to figure out which module is in use, bring a Kali machine into the lab, and catch the incoming shell!
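
Review bot: In the rewritten answer line, "a valid SSL certificate" is ambiguous and sits next to "a proper TLS handshake" in the same sentence; say whether the listener only needs to present a certificate so the handshake completes or whether the certificate has to pass validation on the client, and use the same protocol name throughout. The port correction from 443 to 8443 now agrees with "The port is 8443" above, and the added "A:" prefix matches the other answers. "The syntax of the PowerShell reverse shell requires TLS" reads oddly, because the requirement comes from the connection being made over TLS rather than from syntax; consider rewording it.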
