Try Hack Me Net Sec Challenge
@ Animesh Roy | Monday, Oct 18, 2021 | 2 minutes read | Update at Monday, Oct 18, 2021

OverView

Net Sec Challengelogo
Net Sec Challenge [Subscription Required]Net Sec Challenge

Task 01: Introduction

Use this challenge to test your mastery of the skills you have acquired in the Network Security module. All the questions in this challenge can be solved using only nmap, telnet, and hydra.

  • start the VM

Task 02: Challenge Questions

Answer the questions below

QuestionAnswer
What is the highest port number being open less than 10,000?port
There is an open port outside the common 1000 ports; it is above 10,000. What is it?over 10000
How many TCP ports are open?
What is the flag hidden in the HTTP server header?header
What is the flag hidden in the SSH server header?ssh-server
We have an FTP server listening on a nonstandard port. What is the version of the FTP server?ftp
We learned two usernames using social engineering: eddie and quinn. What is the flag hidden in one of these two account files and accessible via FTP?hydra
Browsing to http://MACHINE_IP displays a small challenge that will give you a flag once you solve it. What is the flag?covert-nmap

recon

Nmap

nmap-all-ports

img

port-over-10000

img

TCP-Port

scan results total port number :)

HTTP server header

img

SSH server header

We do not have any credentails to login. anyways it says on header, let’s just print ssh banner/header using ssh -v flag.

 ```bash
 ssh -v MACHINE_IP
 OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
 debug1: Reading configuration data /etc/ssh/ssh_config
 debug1: /etc/ssh/ssh_config line 19: Applying options for *
 ...[snip]...
 debug1: match: OpenSSH_8.2p1 'THM{flag-was-here}' pat OpenSSH* compat 0x04000000
 debug1: Authenticating to 10.10.206.83:22 as 'root'
 ...[snip]...
 debug1: No more authentication methods to try.
 [email protected]: Permission denied (publickey).
 ```

FTP

img

Hydra

  • save usernames to a file usr and use /usr/share/wordlists/rockyou.txt as password file

  • hydra command:

    hydra -L usr -P /usr/share/wordlists/rockyou.txt ftp://10.10.206.83:10021

  • creds

    img

  • flag

    img

covert-Nmap

nmap -sN MACHINE_IP

img

© 2010 - 2024 Classroom

Reading Stuffs

Social Links

YOU CAN REUSE MY CONTENT