Net Sec Challenge

3 min readJun 16, 2022

In this Challenge you will use the tools nmap, telnet, and hydra. Visit the site to practice on your own and gain knowledge and experience.

Let’s start

You can answer the following questions using Nmap, Telnet, and Hydra.

| Question 1: What is the highest port number being open less than 10,000 ?

Due to time constraints I only scan the first 10,000 ports with the command -p1–10000.

That’s it.

| Question 2: There is an open port outside the common 1000 ports; it is above 10.000 What is it ?

I try the first 10,000 ports after 10,000 and lucky here we have the open port.

| Question 3: How many TCP ports are open ?

You will find the answer after the first scan.

| Question 4: What is the flag hidden in the HTTP server header ?

| Question 5: What is the flag hidden in the SSH server header ?

ssh IP_Adress give the result Permission denied so try it with the -v option for verbose logging to see the debug information and to get the flag.

| Question 6: We have an FTP server listening on a nonstandard port. What is the version of the FTP server ?

I try it with the nmap -sV -p10021 <ip-address> option

| Question 7: We learned two usernames using social engineering: eddie and quinn. What is the flag in one of these two account files and accessible via FTP ?

  1. Create a file with the both usernames and start hydra
  2. hydra -L <name of you file> -P /usr/share/wordlists/rockyou.txt ftp://<yourip with the right port>

Next step connect with the ftp server with the username and password and look up for a file and download it to your Attackbox after that open and see the flag.

| Question 8: Browsing to displays a small challenge that will give you a flag once you solve it. What is the flag?

The challenge is to scan the IP without to be detected by the IDS. Okay let’s go.

I choose the Nmap Null Scan with: nmap -sN <your IP>. The Null Scan doesn’t set any bits (TCP flag header is 0)

Thanks to

to give the opportunity to learn about Network Security with a practice lab.

At the end thank you for the nice and interesting room.

Visit the room: