Flag 5

Category

Subset of subset of hacking machines challenges

Challenge

Flag 5

We are given a URL - hackit.zh3r0.ml

Solution

Optional: Find IP address of the given domain using ping

Since it is a machine, begin with a full port scan

nmap -T4 -sC -sV -p- hackit.zh3r0.ml

Note: Not sure if I used the right [options], run nmap --help for better understanding and optimisation

This reveals all the open ports and services running on each port. Also notice that the services running are all mixed up.

22/tcp    open     http
25/tcp    filtered smtp
99/tcp    open     ssh
324/tcp   open     ftp
4994/tcp  open     unknown
11211/tcp filtered memcache

• Since http is running on port 22, it will be restricted by the browser and we will not be able to access it directly. There are two ways around this problem.
  1. Allow restricted ports in Firefox Browser
     • Go to about:config in Firefox address bar
     • Add a new string with name and value as

        name  : network.security.ports.banned.override
        value : 22 
       

     • Access http://hackit.zh3r0.ml:22/ to get Flag 5
       Flag 5: z3hr0{shouldve_added_some_filter_here}