TryHackMe — Jr Penetration Tester — Net Sec Challenge
Task 1 — Introduction
Read only task !!
Task 2 — Challenge Questions
Answer the questions below
Q 1. What is the highest port number being open less than 10,000?
Ans. Command syntex — nmap -v -T4 — top-ports 10000 Machine_IP
(double hypen) — top-ports = Scans the <n> highest-ratio ports found in nmap-services file after excluding all ports specified by --exclude-ports. <n> must be 1 or greater.
Q 2. There is an open port outside the common 1000 ports; it is above 10,000. What is it?
Ans. Command — nmap -v -T5 -p0–65535 machine_IP or nmap -v -T4 -p- Machine_IP
Q 3. How many TCP ports are open?
Ans. Command — nmap -v -T4 -p- machine_IP (for scan all TCP Port)
Q 4. What is the flag hidden in the HTTP server header?
Ans. Command — curl -I machine_ip
Q 5. What is the flag hidden in the SSH server header?
Ans. Command — telnet 10.10.19.179 22
Q 6. We have an FTP server listening on a nonstandard port. What is the version of the FTP server?
Ans. Command — ftp Machine_IP port no (which we found in earlier task for FTP)
Q 7. We learned two usernames using social engineering: eddie and quinn. What is the flag hidden in one of these two account files and accessible via FTP?
Ans. first try with user “eddie” we do not found anything in FTP directory.
Now try with user “quinn”
We found the flag and download the flag to local machine and view it using below command
Q 8. Browsing to http://10.10.19.179:8080 displays a small challenge that will give you a flag once you solve it. What is the flag?
Ans. — command — nmap -sN -v 10.10.19.179(machine’s Ip)
Task 3 — Summary
Read only task !!
