Community Manager
Bronze IIAny luck CalumS? I have spent hours scanning DNS and HTTP
Bronze III finally got it after looking through the Nmap lessons. Nmap: Ep.2 – Using Nmap task 9, it will give you a command then use what you find there and check that port.
Bronze II scanned as instructed but perhaps I'm overlooking the outcome, should I see the token as the result of the Nmap scan or further port analysis is required?
Community ManagerNice hint!
Bronze IWhere are the lessons located? I've been bashing my head on this for hours now. Learned so much though :)
Bronze IIThis lesson is located as mentioned above:
To find the lab in the Immersive Labs Platform, Click Exercise > Challenges & Scenarios > The Human Connection Challenge: Season 1 > Scanning
Bronze III ended up searching for the term "scanning" and doing all the scanning labs, that helped get me started. Brilliant way to learn though would like a hint section when you get stuck on an answer and have been at it for hours, just so the balance of time spent against lesson learnt isn't leaning towards too much time spent for one small answer.
Bronze IIIThere is definitely a bug in this lab. The first time I ran it - I somehow managed to kill the port that returns the token. It showed up in my first nmap scan - but when I tried to connect to it, it just disappeared and never showed up again in subsequent nmap scans. I had to restart the lab - and the second time, it stayed visible and I could pull the token... If you're only seeing 3 ports, not 4, something has gone wrong...
Bronze IThanks so much for that! There's a way to be stealthy when scanning. Maybe that's what needs to be done. I'm going to try resetting the lab and try again.
Bronze IIIThe port with the token on it doesn't appear in nmap's default list of ports if you're running it without specifying particular ports to look at. So - if you just nmap the machine as "nmap -sT ip.address" you'll see three ports - but, if you add "-p-" (to scan all ports), you should see a fourth port appear... ;-) If you also tell it to try and version scan stuff (-sV) - it should dump the token out as part of its "service unrecognised despite returning data" logging...