This was not easy for a noob like me!
I tried all the suggested approaches that the “HTB Redeemer Walkthrough” documentation was mentioning but none of them worked for me. The host was up but all of 65535 scanned ports were ignored and for that reason were not returned.
I’ve tried a huge list of approaches with nmap but none of them are returning the desired port (some of them took me a long time to execute):
NMAP tests I’ve performed so far with no positive results:
:~# nmap -p- -sV {target_IP}
:~# nmap -p- -sV -Pn {target_IP}
:~# nmap -p- -sV -Pn -PS {target_IP}
:~# nmap -p- -sV -Pn -PS -sS {target_IP}
:~# nmap -p- -sV -Pn -PS -sS --min-rate 5000 {target_IP}
:~# nmap -p- -sV -Pn -PS -sS --min-rate 5000 {target_IP}
The result is always this:
Starting Nmap 7.93 ( https://nmap.org ) at 2023-01-03 08:12 EST
I’m also getting the same outcome. I already tried different approaches with nmap but none of them are returning the desired port.
Then I decided to take a smart/logical approach. Since the question was to find a TCP port and the port needed to have 4 digits and end with ‘9’, then I tested the following:
:~# nmap -p T:1009-9999 -Pn -sV {target_IP}
Help on the used parameters:
-p-: scan all ports
-sV: Probe open ports to determine service/version info
-Pn: Treat all hosts as online – skip host discovery
-PS: TCP SYN discovery to given ports
-sS: TCP SYN scan
--min-rate {number}: Send packets no slower than {number} per second
-p T:{port ranges}: Only scan specified ports using TCP protocol