Skip to content

Instantly share code, notes, and snippets.

@05t3

05t3/Kringlecon.md

Created January 3, 2022 17:37
Show Gist options
  • Save 05t3/bdf7068e266655cd97155e6719100be8 to your computer and use it in GitHub Desktop.
Save 05t3/bdf7068e266655cd97155e6719100be8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Kringlecon.md

3) Thaw Frost Tower's Entrance

Turn up the heat to defrost the entrance to Frost Tower. Click on the Items tab in your badge to find a link to the Wifi Dongle's CLI interface. Talk to Greasy Gopherguts outside the tower for tips.

Howdy howdy!  Mind helping me with this homew- er, challenge?
Someone ran nmap -oG on a big network and produced this bigscan.gnmap file.
The quizme program has the questions and hints and, incidentally,
has NOTHING to do with an Elf University assignment. Thanks!

Answer all the questions in the quizme executable:
- What port does 34.76.1.22 have open?
- What port does 34.77.207.226 have open?
- How many hosts appear "Up" in the scan?
- How many hosts have a web port open?  (Let's just use TCP ports 80, 443, and 8080)
- How many hosts with status Up have no (detected) open TCP ports?
- What's the greatest number of TCP ports any one host has open?

Check out bigscan.gnmap and type quizme to answer each question.


elf@96719431445c:~$

Solution

elf@406c91d1101f:~$ cat bigscan.gnmap | grep 34.76.1.22
Host: 34.76.1.22 ()     Status: Up
Host: 34.76.1.22 ()     Ports: 62078/open/tcp//iphone-sync///      Ignored State: closed (999)
elf@406c91d1101f:~$ quizme 62078
What port does 34.76.1.22 have open?
Please enter your answer or press h for a hint: 62078
That's correct!
We used this as a solution:
grep 34.76.1.22 bigscan.gnmap
This looks for "34.76.1.22" in the bigscan.gnmap file and shows us every place where it shows up.  In the results, we see:
  62078/open/tcp//iphone-sync///
This tells us port TCP 62078 was found open by nmap.
You have 5 challenges left.
elf@406c91d1101f:~$ grep 34.77.207.226 bigscan.gnmap 
Host: 34.77.207.226 ()     Status: Up
Host: 34.77.207.226 ()     Ports: 8080/open/tcp//http-proxy///      Ignored State: filtered (999)
elf@406c91d1101f:~$ quizme
What port does 34.77.207.226 have open?
Please enter your answer or press h for a hint: 8080
That's correct!
We used this as a solution:
grep 34.77.207.226 bigscan.gnmap
Like the previous challenge, this searches the nmap output file for a specific IP address.  In the output, we see TCP port 8080 is open:
  8080/open/tcp//http-proxy///
You have 4 challenges left.
elf@406c91d1101f:~$ 
elf@406c91d1101f:~$ grep up bigscan.gnmap 
# Nmap done at Fri Jul 26 12:4:23 -- 26054 IP addresses (26054 hosts up) scanned in 431.78 seconds
elf@406c91d1101f:~$ quizme
How many hosts appear "Up" in the scan?
Please enter your answer or press h for a hint: 26054
That's correct!
We used this as a solution:
grep Up bigscan.gnmap | wc -l
Running the grep part of the command returns every line with "Up" in it, and wc counts the bytes, characters, words, and lines that come out of grep. Using "-l" only shows lines.
You have 3 challenges left.
elf@406c91d1101f:~$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment