Can you combine your great nmap skills with other tools to log in to this machine?
Intermediate Nmap
step 1
nmap -sV VM_IP
3 open ports
step 2
as last one is not standard port I have opened the web browser and IP+port and here was the plaintext username and password.
step3
trying to connect via ssh with username and pass found in previous step
and I was logged in. I have also checked directory and user
step4
my first guess was that the flag will be in flag file and I went to search for the file
find / -name flag* 2>/dev/null
result of the search returned following list and last on the list was correct one
No comments:
Post a Comment