Attacking Common Services - Medium

I’ve been trying to figure this one out for ~2 weeks.

  • I tried brute forcing SSH and FTP.
  • I tried enumerating usernames using smtp-user-enum on ports 110 and 995 using the provided usernames list and another bigger list.
  • I found a zone transfer, but couldn’t get anywhere from there.
  • I even tried enumerating the subdomains.

I feel like DNS is the entry point, but I am out of ideas. Could someone please help?

Have you found a username?

1 Like

No, unfortunately. Am I supposed to use the provided userlist or something else?

The clue is to accuratly enumerate a nonstandard open port.

1 Like

Thank you. It was pretty straightforward after scanning all ports :slight_smile:

1 Like