TryHackMe — Jr Penetration Tester — Net Sec Challenge
Task 1 — Introduction
Read only task !!
Task 2 — Challenge Questions
Answer the questions below
Q 1. What is the highest port number being open less than 10,000?
Ans. Command syntex — nmap -v -T4 — top-ports 10000 Machine_IP
(double hypen) — top-ports = Scans the <n>
highest-ratio ports found in nmap-services
file after excluding all ports specified by --exclude-ports
. <n>
must be 1 or greater.
Q 2. There is an open port outside the common 1000 ports; it is above 10,000. What is it?
Ans. Command — nmap -v -T5 -p0–65535 machine_IP or nmap -v -T4 -p- Machine_IP
Q 3. How many TCP ports are open?
Ans. Command — nmap -v -T4 -p- machine_IP (for scan all TCP Port)
Q 4. What is the flag hidden in the HTTP server header?
Ans. Command — curl -I machine_ip
Q 5. What is the flag hidden in the SSH server header?
Ans. Command — telnet 10.10.19.179 22
Q 6. We have an FTP server listening on a nonstandard port. What is the version of the FTP server?
Ans. Command — ftp Machine_IP port no (which we found in earlier task for FTP)
Q 7. We learned two usernames using social engineering: eddie
and quinn
. What is the flag hidden in one of these two account files and accessible via FTP?
Ans. first try with user “eddie
” we do not found anything in FTP directory.
Now try with user “quinn
”
We found the flag and download the flag to local machine and view it using below command
Q 8. Browsing to http://10.10.19.179:8080
displays a small challenge that will give you a flag once you solve it. What is the flag?
Ans. — command — nmap -sN -v 10.10.19.179(machine’s Ip)
Task 3 — Summary
Read only task !!