Prompt
Can you interact with the strange server and see what information you can extract?
Walk-Through
This challenge requires you to interact with a provided server hostname and port. Strangely if you attempt to scan it with a port scanning tool like nmap
, e.g.: nmap [hostname] -p [port number]
, you will find that nmap
will report the following output showing that the port is open:
PORT STATE SERVICE
8090/tcp open opsmessaging
However, if you attempt to scan it with the -sV
flag to enable the service detection feature, e.g. nmap [hostname] -p [port number] -sV
, you will strangely get the following output showing that the port is closed:
PORT STATE SERVICE VERSION
8090/tcp closed opsmessaging
This indicates to us that the port is likely not a standard service and is behaving strangely. So to further probe it, you may need to conduct some manual probing by connecting to the port and interacting with it. You can use command line tools such as nc
(netcat) to connect to the port, e.g.: nc [hostname] [port
number
]
. Once connected with nc
, you will see something that appears to be a hung shell prompt, but you can actually input data here. For example, you can attempt to type anything into shell like a simple “hello” which will then get a response from the server with the following text:
Use help to get a list of supported commands
So you can obligate and type back help
to receive this new output:
Here is a list of commands
version
list
get
help
Now, you can try these 4 different commands as shown above in order to interact with the server and get additional output. These commands are executed on the remote server that you connected to using nc
, much like how you can execute commands using tools like ssh
if you have used that to remotely access a server before.
Questions
What is the name and version of the software?
Run the version
command on the server
What is the flag?
Run the list
command on the server to get the directory listing and then use the get
command with the syntax of get [file name]
whereby the filename would be one of the files you get from the directory listing. Eventually, you will find that one of the files has a flag stored in it.
What is the size of the largest file in bytes?
Similarly, using the list
and get
commands, you can output all the files on the server to determine the size of each file. For context, each character of a text file occupies 1 byte when stored, so for example, a 10 character file uses 10 bytes on the disk.
©️ 2024 Cyber Skyline. All Rights Reserved. Unauthorized reproduction or distribution of this copyrighted work is illegal.