📦
HTB
  • Machines
    • Starting Point Machines
      • Tier 0 Machines
        • Meow
        • Fawn
        • Dancing
        • Redeemer
        • Explosion
        • Preignition
        • Mongod
        • Synced
      • Tier 1 Machines
        • Appointment
        • Sequel
        • Crocodile
        • Responder
        • Three
        • Ignition
        • Bike
        • Funnel
        • Pennyworth
        • Tactics
      • Tier 2 Machines
        • Archetype
        • Oopsie
        • Vaccine
        • Unified
        • Included
        • Markup
        • Base
    • Easy Machines
      • Nibbles
      • Stocker
      • Lame
        • Findings
        • Recon
          • NMAP
          • FTP
          • SSH
          • SMB Client
        • Exploitation
          • FTP
          • Samba
      • Find the easy Pass
      • Weak RSA
      • Jerry (Windows)
        • Recon
        • Enumeration
        • Vulnerabilities
      • You know 0xDiablos
      • Netmon
      • Blue
      • Precious
      • Optimum
      • Cap
      • Knife
    • Medium Machines
      • Under Construction
  • Getting Started Notes
    • Getting Help
    • SSL/TLS Certificates
    • Tutorial Websites
    • Wayback Machine
    • Wappalyzer
    • Google Hacking/Dorking
    • Blogs
    • Youtube Resources
    • Vulnerable Machines
    • Challenges
    • Parrot
    • Common Terms
    • Common Ports
    • SecLists
    • Shells
    • Enumeration Scripts
    • Escalation
    • Downloading files from Target
    • Knowledge Check
Powered by GitBook
On this page
  1. Machines
  2. Starting Point Machines
  3. Tier 0 Machines

Synced

PreviousMongodNextTier 1 Machines

Last updated 2 years ago

Task 1: What is the default port for rsync?

  • Running an nmap scan of the IP shows that rsync is running on port 873 which is the answer to this question.

Task 2: How many TCP ports are open on the remote host?

  • The nmap scan from before also only shows one tcp port open.

Task 3: What is the protocol version used by rsync on the remote machine?

  • Run a version nmap scan which gives you a version 31 for rsync.

Task 4: What is the most common command name on Linux to interact with rsync?

  • I guessed rsync which was right but a quick google search also gives you the answer.

Task 5: What credentials do you have to pass to rsync in order to use anonymous authentication? anonymous:anonymous, anonymous, None, rsync:rsync

  • I took a guess and it was "None"

Task 6: What is the option to only list shares and files on rsync? (No need to include the leading -- characters)

  • I browsed the options menu for rsync and found that the option is "list-only".

Submit the Flag:

  • Utilizing the following commands to see what shares are available:

rsync --list-only [IP]::

  • This shows two shares. Let's take a look at the public shares with this command:

rsync --list-only [IP]::public

  • There is a flag file available. Use the following command to download the file:

rsync [IP]::public/flag.txt flag.txt

  • This should download to the file to your current working directory.

  • cat the file to show the flag as: 72eaf5344ebb84908ae543a719830519

365KB
Synced_Write_Up.pdf
pdf