Store Page
World of Haiku
All Discussions Screenshots Artwork Broadcasts Videos Workshop News Guides Reviews

World of Haiku

Store Page
View Stats:
Global Achievements
Original ShadowWolfe Dec 24, 2022 @ 11:15pm
Struggling on nmap dojo, would love some help
I am just going through the nmap dogo, and there are 5 flags, and once you know how to submit them, most of them are really easy to get from running nmap.

I am having an issue with the flag "Find credential in a file on a "evelyn_pc"

So my thought had been to run nmap to scan services/ports on that machine
nmap -sV -O 192.64.52.21
And this results in a list of services. In previous missions you usually have a way to find credentials on a previous machine, or you can use curl. I cannot find any details on other computers in the network, and curl cannot connect to port 443 so I don't see anyway of getting the next piece of knowledge to finish the flag.

I have tried everything I can think of so this leads me to the idea that I am clearly missing something obvious, so if you can give me a hint on what I'm missing I would greatly appreciate it.
< >
Showing 1-8 of 8 comments
Sly_lurkmaster Dec 28, 2022 @ 2:34pm 
Hi,

A list of suggestions you might find helpful if you are still stuck on this:

  • you are being given all you need to complete the exercise;

  • if stuck reread the assignment (what does each flag ask of you? what does its wording imply?);

  • just because the dojo is about the nmap command it does not mean that you will use *only* the nmap and its parameters to obtain your flags;

  • keep in mind that the higher objective of this game is training;

  • try to consider the game as a very interactive tutorial that highlights the info you need to reach your objectives;

I promise you, trust yourself, you know more than you think do.

if after this hints you still need help let me know. I'll add more under spoilers
Last edited by Sly_lurkmaster; Dec 28, 2022 @ 2:36pm
#1
Original ShadowWolfe Jan 20, 2023 @ 10:35pm 
I was way overthinking this puzzle. The hint I would give anyone else who struggles with this one is to fully read the data you get from the nmap scan and understand the extra information that you get.
#2
geezlaweezun Mar 20, 2023 @ 10:20am 
I've been trying it for hours and just cannot come up with the answer. Another hint or two would be sweet. Thanks.
#3
Sly_lurkmaster Mar 21, 2023 @ 10:10am 
Originally posted by geezlaweezun:
I've been trying it for hours and just cannot come up with the answer. Another hint or two would be sweet. Thanks.

Let me know if this more direct hint gets you unstuck
let's deconstruct the objective asking ourselves questions

Objective: Find credential in a file on "xxx_pc"

what is the flag we need to find? credential
where can we find the flag? inside a file on a "xxx_pc"

implied question/problem the objective aims to solve:
How do I access a file that is on a specific computer within the network?

Hope it helps
#4
Jay For Short Mar 29, 2023 @ 6:39pm 
Originally posted by geezlaweezun:
I've been trying it for hours and just cannot come up with the answer. Another hint or two would be sweet. Thanks.

To add one more hint to what @Sly_lurkmaster wrote...

man flag

Click.
#5
Alextabitha Apr 22, 2023 @ 8:47am 
I think this particular question could be better designed the solution seems really bizarre and I doubt you'd ever see something similar in a real world scenario or other CTFs. For example if it wasn't highlighted I'd never have gotten this. I'd have much preferred using curl to find some sort of credentials that I could use to access the system.
#6
browning907 Jul 3, 2023 @ 7:46pm 
Originally posted by Jay For Short:
Originally posted by geezlaweezun:
I've been trying it for hours and just cannot come up with the answer. Another hint or two would be sweet. Thanks.

To add one more hint to what @Sly_lurkmaster wrote...

man flag

Click.

I am doing this and I cannot for the life of me figure out what they want. I'm even ssh'd into the target pc and have cat the flagged file. Nothing is working and I don't know what to do
#7
vxjesterxv Sep 3, 2023 @ 4:20am 
Originally posted by browning907:
Originally posted by Jay For Short:

To add one more hint to what @Sly_lurkmaster wrote...

man flag

Click.

I am doing this and I cannot for the life of me figure out what they want. I'm even ssh'd into the target pc and have cat the flagged file. Nothing is working and I don't know what to do


I know i’m a little bit late on this one. But i did have problems with it too. What helped me was doing

man flag and reading all the different options

then man nmap and trying to match some of those options.
#8
< >
Showing 1-8 of 8 comments
Per page: 1530 50

World of Haiku > General Discussions > Topic Details
Date Posted: Dec 24, 2022 @ 11:15pm
Posts: 8

Discussions Rules and Guidelines