Footprinting Lab - easy

Dear all,

I’ve succeed this room but I’m still wondering, why while log in in FTP, i can’t just do “cd …” and find the “flag” directory ? It may be an obvious question

Thank you

the DNS part here is a misdirection and i hate it.

1 Like

thank you for that hint, appeared everything did well instead find those files :slight_smile:

Thank you. This hint was very helpful.

Hey there,

I was going through this lab yesterday and I would like to give you some suggestions as I gave the very same suggestions to myself:

  1. do not focus on everything written in the challenge, that’s what the client asked not what you have to do (forget DNS).

  2. remember the mantra:
    • What can we see?
    • What reasons can we have for seeing it?
    • What image does what we see create for us?
    • What do we gain from it?
    • How can we use it?
    • What can we not see?
    • What reasons can there be that we do not see?
    • What image results for us from what we do not see?

Let’s suppose you connected and you used the usual command ls to list files…you can’t see a thing…well…remember point n.2, What reasons can there be that we do not see? Hidden files maybe? try!

  1. You have 2 FTP servers…did you try to connect to both? Can you see the files? Did you try to look for hidden files or directories? Now let’s suppose you can see hidden files…the next question is: do you see anything that looks interesting? Did you check the .bash_history file to see what was done on that machine?
  2. now that you know you have files there find a way to download them…do not waste time on Google…just look at wget -h and you will understand by yourself how to download everything.

Build a mindset like this and do not ask immediately on a forum, this is a reminder to myself.

Take care guys.

Late to the party but just getting started on the CPTS pathway and also having issues with the Footprinting Lab - Easy. I have tried using the recommended wget command from the cheatsheet and also seeing that it is recommended here as well. I am using the credentials provided in the text withing the module and also specifying the required port but still getting Permission denied.