100pts
There is a TCP network service running on
cfta-ne01.allyourbases.co. Find it to get the flag after you connect.
Note: The target has many open ports - only one is the correct one. The correct port will identify itself with
ID: ne01after you connect.
As we need to find a port, a quick Nmap search takes care of this:
nmap -sV -sC -Pn cfta-ne01.allyourbases.co
Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-05 12:51 EDT
Nmap scan report for cfta-ne01.allyourbases.co (34.251.231.207)
Host is up (0.046s latency).
Other addresses for cfta-ne01.allyourbases.co (not scanned): 52.210.101.44
rDNS record for 34.251.231.207: ec2-34-251-231-207.eu-west-1.compute.amazonaws.com
Not shown: 999 filtered ports
PORT STATE SERVICE VERSION
1061/tcp open tcpwrappedUsing Netcat, we can quickly connect to the service using nc cfta-ne01.allyourbases.co 1061:
nc cfta-ne01.allyourbases.co 1061
ID: ne01
Flag: Nmap_0f_the_W0rld!If you have some free time on your hands, you can use bash to code a script that automates netcat for you(be warned it takes 25 seconds a port)
#!/bin/bash
x=1
while [ $x -le 65536 ]
do
nc cfta-ne01.allyourbases.co $x
x=$(( $x + 1 ))
doneFlag: Nmap_0f_the_W0rld!