I will keep checking back periodically and so if you get stuck or need some more nudges I am happy to help.
I would recommend the following two-step approach:
- Do large nmap scans just to find out what is out there
  - They mentioned the use of IDS/IPS so using some evasion techniques may yield more findings
- Investigate the found ports using previously taught approaches
  - More targeted nmap commands or banner grabbing, again hide from IDS/IPS
As an extra nudge from some good advice posted earlier:
Discovering the service and port is one thing, but there's a technique that is given in the reading section Firewall and IDS/IPS Evasion that should help you connect the dots.
Took me one day and owned it eventually.
The tutorial has gone over everything needed. Just a small thing: time is our friend. Did not realize that…
@Middle_aged, thanks for the little push to go reread that section and the reminder to breathe. I was right there, but just got into that headspace where you sling commands at the server hoping something works. What I needed is even in my notes haha! Thanks again.
-onthesauce
Thanks, what you wrote helped me a lot; I was able to understand things better.
This thread helped me, thanks a lot.
I stumbled across the answer by mistake not even following the Hack the Box guide.
I came across it using the nmap documentation for "dns-nsid". You will find they use -sSU, and I used -T5 for this scan.
Then UDP appears in your results and you will be able to continue from there. Looks like port 53 UDP is interesting.
I know where I went wrong. This answer needs two steps. Step 1: find the open port (a very big one). Step 2: change tools to build a connection with that port, and you will get the answer.
I wasn't totally sure what this problem was asking, so, if you feel the same, I hope this hint helps: try scanning every port on the host and investigate the open ones, esp those with higher numbers. I went down a rabbit hole probing port 53, but you're looking for another HTB{} flag stored in the version banner of a service not explored in previous problems.
I also found the "Firewall and IDS/IPS Evasion" section helpful once I discovered the port to investigate.
Just find the port you need and use sudo with netcat (without sudo it doesn't work).
The trick for me was using Sudo.
This is the line I used to get the Flag.
sudo nc -nv -p 53 IP 50000
Hey still stuck on this even with sudo, returned this error:
sudo ncat --source-port 53 10.129.207.170 50000
[sudo] password for kali:
libnsock mksock_bind_addr(): Bind to 0.0.0.0:53 failed (IOD #1): Address already in use (98)
Ncat: TIMEOUT.
Been stuck for almost a week, any help appreciated.
You are missing some parameters from what is included in the example in the academy materials, "-nv", which might be important. Look up what -n does.
I tried everything here and couldn't find the flag, it wasn't until reading the forum that I discovered the port in question and yet I have no idea how I could find it as the VM and target have a limited lifespan and scanning all ports by UDP is very, very slow, even on -T5. How did anybody find the correct port by scanning with -p- in time!?
Hello,
first find the port state, after that you can use a simple command to find the "flag" service version.
You do not need more than this to get your flag: "sudo nc -nv -p 53 IP 50000"