Intermediate Nmap: Try Hack Me
Today we will be taking a look at a new box on Try Hack Me, Intermediate Nmap. This is rated as an easy box.
Jumping right in, we are going to use the attack box for this one. We will start up the machine and the attack box, then run a TCP Nmap scan. As shown below, we are using `-p-` for all ports, `-T4` for a timing of 4 (one above the default), `-Pn` to skip the ping check, `-sT` for a TCP connect scan, and lastly `-vv` for very verbose output.
We can see that there are 3 ports open. Let's do a banner grab on port 31337 using netcat.
Easy day, we have a user and a password. Let's try to use port 22 and SSH in.
And we are in. Let's search around and see if we can find the flag:
And as we can see above we can read that flag.txt.
This was a pretty easy box; however, it does teach you that you need to enumerate everything. Doing a TCP scan made it much faster, since we were not waiting a long time for a full-port SYN scan to finish. Have patience and this box should be quick for you.
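The service on port 31337 gave up a user and password in its banner. Seen from the defender's side, the same check can be run against hosts you own. This is an added example, not part of the original write-up; the regex patterns, function names and sample banners are assumptions constructed for illustration.

```python
import re
import socket

# Heuristic patterns for credential-like text in a banner (assumed; tune for your estate).
CRED_PATTERNS = [
    re.compile(r"(?i)\b(pass(word|wd)?|pwd|secret|token)\b\s*[:=]\s*\S+"),
    re.compile(r"(?i)\b(user(name)?|login)\b\s*[:=]\s*\S+"),
]

def grab_banner(host, port, timeout=3.0, max_bytes=1024):
    """Connect and passively read whatever the service sends first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            data = s.recv(max_bytes)
        except socket.timeout:
            return ""  # service waits for the client to speak first
    return data.decode("utf-8", errors="replace").strip()

def find_leaks(banner):
    """Return the credential-like fragments found in a banner."""
    return [m.group(0) for p in CRED_PATTERNS for m in p.finditer(banner)]

def audit(targets):
    """targets: iterable of (host, port) you own. Returns {(host, port): [fragments]}."""
    findings = {}
    for host, port in targets:
        try:
            banner = grab_banner(host, port)
        except OSError:
            continue  # closed, filtered or unreachable
        leaks = find_leaks(banner)
        if leaks:
            findings[(host, port)] = leaks
    return findings

if __name__ == "__main__":
    # Constructed sample banners, not output captured from the box.
    samples = ["SSH-2.0-OpenSSH_8.2p1",
               "welcome! user: svc_demo password: Example123"]
    for sample in samples:
        print(repr(sample), "->", find_leaks(sample))
```

Feed `audit()` the open ports from your own scan results; any hit is a service that hands secrets to every client that connects.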
Thanks for reading.