https://tryhackme.com/room/protocolsandservers
Task 1 Introduction
Keine Fragen in diesem Task.
Task 2 Telnet
Frage 1:
To which port will the telnet command with the default parameters try to connect?
Telnet wird normalerweise auf Port 23 bedient.
Antwort 1:
23
Task 3 Hypertext Transfer Protocol (HTTP)
Frage 1:
Launch the attached VM. From the AttackBox terminal, connect using Telnet to 10.10.10.255 80 and retrieve the file flag.thm. What does it contain?
Wir müssen hier auf die Groß- und Kleinschreibung achten und nach „host: telnet“ 2x ENTER drücken:
└─$ telnet 10.10.10.255 80
Trying 10.10.10.255...
Connected to 10.10.10.255.
Escape character is '^]'.
GET /flag.thm HTTP/1.1
host: telnet
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Oct 2022 17:29:43 GMT
Content-Type: application/octet-stream
Content-Length: 39
Last-Modified: Wed, 15 Sep 2021 09:19:23 GMT
Connection: keep-alive
ETag: "6141ba9b-27"
Accept-Ranges: bytes
THM{e3eb0a1df437f3f97a64aca5952c8ea0}Antwort 1:
THM{e3eb0a1df437f3f97a64aca5952c8ea0}
Task 4 File Transfer Protocol (FTP)
Frage 1:
Using an FTP client, connect to the VM and try to recover the flag file. What is the flag?
Wir loggen uns via ftp auf der Machine ein und laden die Flag herunter:
└─$ ftp 10.10.10.255
Connected to 10.10.10.255.
220 (vsFTPd 3.0.3)
Name (10.10.10.255:kali): frank
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||33871|)
150 Here comes the directory listing.
drwx------ 10 1001 1001 4096 Sep 15 2021 Maildir
-rw-rw-r-- 1 1001 1001 4006 Sep 15 2021 README.txt
-rw-rw-r-- 1 1001 1001 39 Sep 15 2021 ftp_flag.thm
226 Directory send OK.
ftp> get ftp_flag.thm
local: ftp_flag.thm remote: ftp_flag.thm
229 Entering Extended Passive Mode (|||59796|)
150 Opening BINARY mode data connection for ftp_flag.thm (39 bytes).
100% |********************************************************************************************************************| 39 45.33 KiB/s 00:00 ETA
226 Transfer complete.
39 bytes received in 00:00 (0.51 KiB/s)
ftp> exit
221 Goodbye.Jetzt lassen wir uns den Inhalt ausgeben:
└─$ cat ftp_flag.thm
THM{364db6ad0e3ddfe7bf0b1870fb06fbdf}Antwort 1:
THM{364db6ad0e3ddfe7bf0b1870fb06fbdf}
Task 5 Simple Mail Transfer Protocol (SMTP)
Frage 1:
Using the AttackBox terminal, connect to the SMTP port of the target VM. What is the flag that you can get?
Die Flag wird uns direkt nach der Verbindung ausgegeben:
└─$ telnet 10.10.10.255 25
Trying 10.10.10.255...
Connected to 10.10.10.255.
Escape character is '^]'.
220 bento.localdomain ESMTP Postfix THM{5b31ddfc0c11d81eba776e983c35e9b5}Antwort 1:
THM{5b31ddfc0c11d81eba776e983c35e9b5}
Task 6 Post Office Protocol 3 (POP3)
Frage 1:
Connect to the VM (10.10.10.255) at the POP3 port. Authenticate using the username frank and password D2xc9CgD. What is the response you get to STAT?
└─$ telnet 10.10.10.255 110
Trying 10.10.10.255...
Connected to 10.10.10.255.
Escape character is '^]'.
+OK Hello there.
USER frank
+OK Password required.
PASS D2xc9CgD
+OK logged in.
STAT
+OK 0 0Antwort 1:
+OK 0 0
Frage 2:
How many email messages are available to download via POP3 on 10.10.10.255?
Mit STAT haben wir als Antwort 0 0 bekommen, das steht für 0 Emails.
Antwort 2:
0
Task 7 Internet Message Access Protocol (IMAP)
Frage 1:
What is the default port used by IMAP?
Antwort 1:
143
Task 8 Summary
Keine Fragen in diesem Task.