# Synced {% file src="" %} **Task 1: What is the default port for rsync?** * Running an nmap scan of the IP shows that rsync is running on port 873 which is the answer to this question. **Task 2: How many TCP ports are open on the remote host?** * The nmap scan from before also only shows one tcp port open. **Task 3: What is the protocol version used by rsync on the remote machine?** * Run a version nmap scan which gives you a version 31 for rsync. **Task 4: What is the most common command name on Linux to interact with rsync?** * I guessed rsync which was right but a quick google search also gives you the answer. **Task 5: What credentials do you have to pass to rsync in order to use anonymous authentication? anonymous:anonymous, anonymous, None, rsync:rsync** * I took a guess and it was "None" **Task 6: What is the option to only list shares and files on rsync? (No need to include the leading -- characters)** * I browsed the options menu for rsync and found that the option is "list-only". **Submit the Flag:** * Utilizing the following commands to see what shares are available: ``` rsync --list-only [IP]:: ``` * ![](https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2FO4TDFmGFuVSCuWR6rlgc%2Fimage.png?alt=media\&token=19a762a9-40e9-4951-8ca4-11fcb1f6be38) * This shows two shares. Let's take a look at the public shares with this command: ``` rsync --list-only [IP]::public ``` * ![](https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2FHok1htSxyWQLBa4fAL01%2Fimage.png?alt=media\&token=4ab9c308-45d5-4ec1-9247-7272b702da6b) * There is a flag file available. Use the following command to download the file: ``` rsync [IP]::public/flag.txt flag.txt ``` * This should download to the file to your current working directory. * cat the file to show the flag as: 72eaf5344ebb84908ae543a719830519