NE01 - 100pts

Briefing

There is a TCP network service running on cfta-ne01.allyourbases.co. Find it to get the flag after you connect. Note: The target has many open ports - only one is the correct one. The correct port will identify itself with ID: ne01 after you connect.

Solution

  1. 1.
    Use nmap to scan the domain: nmap -Pn -sT -p1000-10000 -v cfta-ne01.allyourbases.co
    nmap results:
    1
    Completed Connect Scan at 17:46, 138.11s elapsed (9001 total ports)
    2
    Nmap scan report for cfta-ne01.allyourbases.co (52.210.101.44)
    3
    Host is up (0.11s latency).
    4
    Other addresses for cfta-ne01.allyourbases.co (not scanned): 34.251.231.207
    5
    rDNS record for 52.210.101.44: ec2-52-210-101-44.eu-west-1.compute.amazonaws.com
    6
    Not shown: 8997 filtered ports
    7
    PORT STATE SERVICE
    8
    1061/tcp open kiosk
    9
    8012/tcp open unknown
    10
    8013/tcp open unknown
    11
    8017/tcp open unknown
    12
    13
    Nmap done: 1 IP address (1 host up) scanned in 138.19 seconds
    Copied!
  2. 2.
    Manually connecting to each port with netcat shows the flag:
    1
    $ nc 52.210.101.44 1061
    2
    ID: ne01
    3
    Flag: Nmap_0f_the_W0rld!
    Copied!

Flag

Nmap_0f_the_W0rld!
Last modified 1yr ago
Copy link