Introduction

We used Nmap and Hydra to perform scanning and enumeration of services and credentials. We also used Nmap to bypass an intrusion detection system. This was as part of net sec challenge from Tryhackme.

Get OSCP Certificate Notes

Use this challenge to test your mastery of the skills you have acquired in the Network Security module. All the questions in this challenge can be solved using only nmaptelnet, and hydra.

Challenge questions and answers

What is the highest port number being open less than 10,000?

There is an open port outside the common 1000 ports; it is above 10,000. What is it?

How many TCP ports are open?

What is the flag hidden in the HTTP server header?

What is the flag hidden in the SSH server header?

We have an FTP server listening on a nonstandard port. What is the version of the FTP server?

We learned two usernames using social engineering: eddie and quinn. What is the flag hidden in one of these two account files and accessible via FTP?

Browsing to http://MACHINE_IP:8080 displays a small challenge that will give you a flag once you solve it. What is the flag?

Video Walk-through