Don't give up !

Map it

dutchman24
9 years ago

8

I just completed this level, and I would like to encourage everyone who is still looking for the solution.
Very important is to not give up on this one… I think this is the real beginning to learn what you want to learn.
My advise = to scan a several times if you don’t find the answer, yesterday I didn’t find the results with the same scan that I did today to give me the result to solve this level. Other threads on this forum will give you the hint so you will understand where I’m talking about.
Good luck !!!

69replies
37voices
3,174views
1image
nunks500
9 years ago

2

Well you just encouraged me as well. Will keep it up!

jmutton
9 years ago

1

Is this level working. I can’t find anything in my scans :(

*********** [ADIGA]
9 years ago

0

did you try a wide range for your scan? maybe its not a known service used one you should be looking for….

jmutton
9 years ago

0

I’ve done a full scan using nmap.

*********** [ADIGA]
9 years ago

0

keep trying, same scan every day, one day it will work

jmutton
9 years ago

1

I think I’ve found the service in question but can’t seem to connect to it!

2 replies have been removed
jmutton
9 years ago | edited 9 years ago

0

I think the service that I’ve found and trying to connect to is a genuine service that is being used in conjunction with the IRC.

But the service name is very suspect!

thetechnophile
9 years ago

2

I’m not sure if this is TMI or if it would help anyone (if so, apologies to the mods) but if you know the tool(s) you have to use, if you Google it with the words “command examples”, you can follow a tut (the very first link) on which ones you need to use to get the correct information. Then, using that information, you can use another tool commonly used in conjunction with the first to eavesdrop to get the answer you need.

That said, I think this book (a PDF copy is available online) might also help some not familiar with steps of a pentest which these two tools are usually the first you run. It came to mind when doing this one.

“The Basics of Hacking and Penetration Testing” by Patrick Engebretson

It is not exhaustive but it explains the steps (recon/exploit/post exploit) and what each means, common tools used and their functions and what you, the hacker/pentester is to get out of them. I mention this because challenge solving, at least for me, isn’t so much about getting the flag/glory but also understanding the concepts behind them and learning.

It’s one thing to copy a command and solve something and another to know immediately what command to use because you’ve learned the concept.

That’s my two cents. Good luck to everyone :)

dutchman24
9 years ago

1

Its already 6 weeks ago I started to encourage everyone and I’m still receiving private messages of people who don’t find the solution. Personally it doesn’t bother me, most of the people are even very close. It’s for this I just want to say before asking help try to be sure that the target is right ;-).

thesmileynoob
8 years ago

0

Hey there,
I know I am a little late to the party.
I have spotted the suspicious service and have deciphered the message.
What I do not understand is where to proceed further? I have the location/link and the port. I just cannot connect to it.
And thanks for the book recommendation @thetechnophile I will definitely read it.
Thanks in advance.

dloser
8 years ago

0

That doesn’t sound like you found it at all. Keep looking!

SabunMacTavish
8 years ago | edited 8 years ago

0

Well, I actually found 2 ways of solving this level. [s]On 2 different ports.[/s] Keep looking guys! Its out there somewhere.
Actually, nmap ALONE is enough, to solve the challenge, but I’m not sure if its the intended solution though.

Mugi [Mugiwara27]
8 years ago

0

2 different ports, really ?
You should make a new thread in solution section and show us these two ! :)

SabunMacTavish
8 years ago

0

Ah….well..I misread my nmap output…using my company’s vsphere, supid resolution. Its only on 1 port. :p

spadehacker
8 years ago

0

Thanks dutchman24, I’ll keep on trying :)

spadehacker
8 years ago

0

Awesome! I found after the second scan B)

willywil548
8 years ago

0

I read this post and didn’t give up. Sat, result in the scanner appeared and I tried all with several different browsers… something worked and I pasted. This level took patience and 5 days of scanning. Good luck to all.

Willywil548

Mugi [Mugiwara27]
8 years ago | edited 8 years ago

0

5 days of scanning ? wow
Were you sending manually all packets ?

cn9 [1337boy]
8 years ago

0

How is it possible 5 days?!

Nastyblood
8 years ago

0

I think he meant 5 days trying different scan types and repeating same scans over and over again :P
Thats what happened to me , had to scan the website like 5 times with the same scan type for it to finally show up.

cn9 [1337boy]
8 years ago

0

oh that makes more sense i think

Reply has been removed
Mugi [Mugiwara27]
8 years ago

0

Oh lol okay I thought his scan lasted 5 days

cn9 [1337boy]
8 years ago

0

nah i just replied to willywill’s comment!
i checked for the date and only looked for the last dates of posting btw, didn’t noticed the original post was opened way before hah my bad :P

Mugi [Mugiwara27]
8 years ago

0

Yeah I just saw it, sorry :)
I’ve edited my original post ;)


0

hy guys how i can i do with the basic + 7 level i dont have any idea for that i want to solve but i dont now what is the tool using in the level

Mugi [Mugiwara27]
8 years ago | edited 8 years ago

0

Just read thread man
No pain ( actually I wouldn’t call it pain since you’re learning great stuff … ) no gain !

Nastyblood
8 years ago

0

No Pain No* gain
Fix Dat English

Mugi [Mugiwara27]
8 years ago

0

lol sorry, when I’m too tired I make some errors :p

Plessizo
8 years ago

-3

Please who know do a e-bomb

Mugi [Mugiwara27]
8 years ago

0

Wow, you want to do a electromagnetic bomb ? We have a good one here :o
@dloser any tutorial about this ? pls share

cn9 [1337boy]
8 years ago

0

is thiz priv8? wanna share?

Pzz0 [PuzzuS]
8 years ago

0

Image

| Just, Do It

dloser
8 years ago

0

This is electromagnetism 101. If you can’t even figure that out, I don’t think any tutorial will help.

Hint: look at the sky on a nice day for a big example…

cn9 [1337boy]
8 years ago
Mugi [Mugiwara27]
8 years ago

0

How do we create a sky? pls

Reply has been removed
Mugi [Mugiwara27]
8 years ago

0

Let’s use the fresh made e-bomb on this guy

6 replies have been removed
Mugi [Mugiwara27]
8 years ago

0

lol Nastyblood, someday you’ll not have to correct anything of me :p
Yeah 1337boy, I like doing this :)

2 replies have been removed
gruegovitch
8 years ago

0

Is it about a service on destination port 113 ?

gruegovitch
8 years ago

0

*“ident” service

Mugi [Mugiwara27]
8 years ago

0

Nope, when you’ll find it, you’ll know you found the good one :)

gruegovitch
8 years ago

0

Ok I’ll extend my nmap scan.

begHack
7 years ago

0

I am still stuck at this level. I am just curious to know why do we need to do multiple scans to identify the suspicious service? Could it be because the service is not running at all time or it only runs on some of the multiple backend servers. I did not get any suspicious service when i scanned the default server 4 times but when I incremented the ip address i get something interesting in the scan.

dimooz
7 years ago

0

What scanner do you use? Be sure to use the right options while scanning…

midnight000
7 years ago

0

I’m really not getting this, can anyone help? I have tried loads of scans.

Mugi [Mugiwara27]
7 years ago

0

What are the scans you’ve been trying to make?

midnight000
7 years ago

0

With zennmap, I have scanned multiple times on www.hackthis.co.uk. I was expecting to get it right away with TCP all ports.
standard nmap
tcp all ports (1-65535)
udp
zenmaps “Slow comprehensive scan”

I have also tried scanning with the default options using sparta and it made no difference. I am finding ports, but nothing that looks odd. I can’t remember all of them, but i would say that I have found about 15 ports, some open, some closed.

Mugi [Mugiwara27]
7 years ago

0

Be !peaceful while scanning

midnight000
7 years ago

0

I got the answer. It was not what I was expecting.

Mugi [Mugiwara27]
7 years ago

0

It would be too easy it was easily guessable ;)

begHack
7 years ago

0

I was stuck at this level for long. A couple of things that could help
1) Don’t just work with the default parameters of the scanner. Understand each and see if it can be expanded
2) Since people reported they had to scan multiple times I scheduled a script to run regularly and log the output. I still didn’t get the desired output. Maybe its because I was connecting from my office laptop/network and they have additional security.
Thanks to dimooz for guiding me to solve this.

Onswity
7 years ago | edited 7 years ago

0

Hello

Yes, don’t give up. It took me 6h, but most of the time, it was only my port scanner working.

Do not be impressed by all previous comments. Hackthis says they are running a service, so FIND IT!

See this exercise as an opportunity to read the manual of your port scanner software and learn more about port scanning and find the damn port.

When you found the service, well… Do with it what people usually do with a service.

charcode78
6 years ago

0

This level is Awesome!

dimooz
6 years ago

0

Congratulations for having solved this level.

tppt
4 years ago

2

Hey all, I just passed after struggling a lot since the suspicious service was not running on the server, so I wanted to add my feedback to help.

If you can’t find the password, try to scan the previous server instead, it worked for me: 85.159.213.101

fred [feuerstein]
4 years ago

1

Congratulations for solving it

rjkenny
4 years ago | edited 4 years ago | reply to #79656

0

I’ve been scanning the server (at defendtheweb.net, using TCP Connect scans on NMap) on and off for about a day now. Not seeing anything but SSH, HTTP and HTTPS.

Tried scanning the old server… worked on the first try.

Is the service blocked on defendtheweb.net, or does it only run once in a while here?

Or is the goal to map the domain, and related domains, then scan all those hosts? It’s possible to find it this way, just… seems like a change from the previous version of the challenge.

Just making sure I didn’t miss the point.


0

cloudfare?

Jeefbeef123
4 years ago

0

how do you scan.

some people are telling me to press “help” but i cant find it.

some people are telling to to press “ cmd-u”

what should i actually do

thank you

pouce
3 years ago

0

Got it !
Thanks for hints. I have to scan the old server to. Nothing on the actual one.
@Jeefbeef123 : Looking for “scan server” or “scan port” or else on google, you would find some tools to do it.
And after… try and read that thread and look for tuts about scanning.
Cheers


0

thank you

Reply has been removed
Tiruces
3 years ago | reply to #44040

1

Ok so here is the major mistake I have been doing. Is trying to solve the problem. But the problem is only a sign that tells you ok so you have to learn this, that etc. So thanks @thetechnophile for the book. And others that try to teach us to learn the real reason behind these problems.

pankaj [PKROCK2]
3 years ago

0

I think i have found the right port. this is running unknown service. But how to use it? please reply..

tppt
3 years ago

1

Hi Pankaj, the right port starts with the digit “6”. If you’ve got that right, search what kind of app how you can use to connect to a server port to query it. There are couple of solutions for linux and windows. Good luck!


0

thanks @tppt.
I think I have to dig deeper to solve this..

pankaj [PKROCK2]
3 years ago

0

filally i have completed the level.. It’s amazing.
i have tried diffrent type of scans all the day but due to network speed i could not find the right port. at night it is found in just 20 minutes.
all the best friends who are solving this

claymtk
3 years ago

0

Thx Guys

Reply has been removed
stikgz
3 years ago

0

It used to work before, but now the port is closed. The challenge is broken. Please fix it.

occasus
3 years ago

0

Port is up and running :)

Btw. there is a “report issue” button…

ranj-1
2 years ago

1

Folks, I can not find more than three ports on defendtheweb.net (85.10.194.253) and they are normal port/service, also, extend the range of ports and changed the type of scanning but no lack since 5 days. but did not get the suspicious port/service running!! what should I do next?

You must be logged in to reply to this discussion. Login
1 of 70

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss