I will keep checking back periodically, so if you get stuck or need some more nudges, I am happy to help.
I would recommend the following two-step approach:
- Do large nmap scans just to find out what is out there
  - They mentioned the use of IDS/IPS, so using some evasion techniques may yield more findings
- Investigate the found ports using previously taught approaches
  - More targeted nmap commands or banner grabbing, again hiding from IDS/IPS
As an extra nudge from some good advice posted earlier:
Discovering the service and port is one thing, but there’s a technique that is given in the reading section Firewall and IDS/IPS Evasion that should help you connect the dots.
Took me one day and owned it eventually.
The tutorial has gone over everything needed. Just a small thing: time is our friend. Did not realize that…
@Middle_aged, thanks for the little push to go reread that section and the reminder to breathe. I was right there, but just got into that headspace where you sling commands at the server hoping something works. What I needed is even in my notes haha! Thanks again.
-onthesauce
Thanks, what you wrote helped me a lot; I was able to understand things better.
This thread helped me, thanks a lot.
I stumbled across the answer by mistake, not even following the Hack the Box guide.
I came across it using nmap documentation for “dns-nsid”. You will find they use -sSU, and I used -T5 for this scan.
Then UDP appears in your results and you will be able to continue from there. Looks like port 53 UDP is interesting.
I know where I went wrong. This answer needs two steps. Step 1: find the open port (very big). Step 2: change tools to build a connection with that port, and you will get the answer.