In this Challenge you will use the tools nmap, telnet, and hydra. Visit the site https://tryhackme.com/room/netsecchallenge to practice on your own and gain knowledge and experience.
Let’s start
You can answer the following questions using Nmap, Telnet, and Hydra.
| Question 1: What is the highest port number being open less than 10,000 ?
Due to time constraints I only scan the first 10,000 ports with the command -p1–10000.
That’s it.
| Question 2: There is an open port outside the common 1000 ports; it is above 10.000 What is it ?
I try the first 10,000 ports after 10,000 and lucky here we have the open port.
| Question 3: How many TCP ports are open ?
You will find the answer after the first scan.
| Question 4: What is the flag hidden in the HTTP server header ?
| Question 5: What is the flag hidden in the SSH server header ?
ssh IP_Adress give the result Permission denied so try it with the -v option for verbose logging to see the debug information and to get the flag.
| Question 6: We have an FTP server listening on a nonstandard port. What is the version of the FTP server ?
I try it with the nmap -sV -p10021 <ip-address> option
| Question 7: We learned two usernames using social engineering: eddie and quinn. What is the flag in one of these two account files and accessible via FTP ?
- Create a file with the both usernames and start hydra
- hydra -L <name of you file> -P /usr/share/wordlists/rockyou.txt ftp://<yourip with the right port>
Next step connect with the ftp server with the username and password and look up for a file and download it to your Attackbox after that open and see the flag.
| Question 8: Browsing to http://10.10.61.123:8080 displays a small challenge that will give you a flag once you solve it. What is the flag?
The challenge is to scan the IP without to be detected by the IDS. Okay let’s go.
I choose the Nmap Null Scan with: nmap -sN <your IP>. The Null Scan doesn’t set any bits (TCP flag header is 0)
Thanks to TryHackMe to give the opportunity to learn about Network Security with a practice lab.
At the end thank you https://tryhackme.com/p/strategos for the nice and interesting room.
Visit the room: https://tryhackme.com/room/netsecchallenge
