Firewall and IDS IPS Evasion Hard Lab

ℹ️ Informations¶

🌐 Website: HackTheBox
📚 Module: Network Enumeration With Nmap
🔗 Link: Firewall and IDS IPS Evasion Hard Lab

❓Question¶

Now our client wants to know if it is possible to find out the version of the running services. Identify the version of service our client was talking about and submit the flag as the answer.

📋 Walkthrough¶

Let's do a syn scan with nmap, source port 53 on all ports

sudo nmap -sS --min-rate 5000 --source-port 53 10.129.2.47 -p- --stats-every=5s 

PORT      STATE SERVICE
22/tcp    open  ssh
80/tcp    open  http
50000/tcp open  ibm-db2

Port 50000 seems sus. Let's nc on it with port 53

nc 10.129.2.47 50000 -p 53

220 HTB{*******************************}

Answer

HTB{*******************************}