HTB Academy Network Enumeration nmap IDS/IPS Evasion

Does anyone have any hints for the medium lab? I have been working on this for a few days now.

I am stuck on the hard lab. Can’t find the answer.

What have you tried so far on the medium lab? It’s not that hard.

Hi, can someone help with the medium lab? I tried the same script that was suggested above, the dns-nsid one, but it didn’t work. I receive a response from 53 UDP, but no matter what I do I can’t get the version.

Have you solved it now?

EDIT: Tried almost all the nmap scripts, tried the dig command, tried “fpdns”, which I think showed something useful, “ISC BIND 9.2.3rc1 – 9.4.0a4”; still, that’s not the correct answer. Someone help.

Remember that DNS resolutions are made via port 53 UDP and TCP. So we can use some nmap option to send requests from this port and bypass the firewall’s filtering rules.

Documentation Nmap

It’s a trick, the version actually is a flag.

I stumbled across the answer by mistake not even following the Hack the Box guide.

I saw the script for “dns-nsid” in the nmap documentation. You will find they use -sSU, and I used -T5 for this scan. Just follow the same format as the example in the nmap documentation.

Then UDP appears in the results and you will be able to continue from there. Looks like port 53 UDP is interesting to help you finish the next lab, which is the hard lab using another tool (ncat). This is in the HTB

Firewall and IDS/IPS Evasion