MAP-IT pls help i have problems

Map it

sudoking32
3 years ago

0

i have problems in this topic. i used sqlmap but cant find anything

38replies
18voices
2,046views
mortfeus
3 years ago | edited 3 years ago

2

Its a scan level, you have to scan the site defendtheweb.net. Use nmap for your scans.

Ps: sqlmap is important to do only sqlinjection.

sudoking32
3 years ago

1

ive allready used it but i dont know what im searching for is it some port(s)?

mortfeus
3 years ago | edited 3 years ago

1

Yes search all active to ports and try to connect to them

sudoking32
3 years ago

2

tried it but did not work, what did i forgot even the ssh want let me in without the key

sudoking32
3 years ago

1

im still stuck at this level

mortfeus
3 years ago

1

Ok I will pm you @sudoking32

FAllenValkyrie
3 years ago

3

Can anyone help me this too. I am actually learning about nmap, but i dont know about all it’s uses. I have scanned and i got three ports though.

mortfeus
3 years ago

1

@sudoking32 @FAllenValkyrie The level is offline, I just tried but I failed. Wait a bit until it become online again.

JunkMail
3 years ago | reply to #81379

0

@mortfeus How can you tell it is offline? I’ve been working on this level for a few days now and have only been seeing the same 5 ports; nothing ‘suspicious’.

Kaldah
3 years ago

0

I tried to do the level again and I didn’t succeed either, So it’s probably offline or we have missed something but I think I did it the same way as before so yup the level is probably offline.

AgentHitmanFaris
3 years ago | edited 3 years ago

0

Try look for the old website or try to find the history of the websites domain

FAllenValkyrie
3 years ago

0

old websites?

Kaldah
3 years ago

0

The name of the website was hackthis before and I guess there is a way to find the informattion you need with an history of defendtheweb or hackthis.

f0rk [HackingGuy]
3 years ago | edited 3 years ago

0

hackthis.co.uk has been transitioned to defendtheweb.net.
The only difference here is the DNS record, not the physical server that is being reached:

HackingGuy in ~ ? ping -c 1 hackthis.co.uk  
PING hackthis.co.uk (85.10.194.253): 56 data bytes  
64 bytes from 85.10.194.253: icmp_seq=0 ttl=52 time=131.555 ms  
--- hackthis.co.uk ping statistics ---  
1 packets transmitted, 1 packets received, 0.0% packet loss  
round-trip min/avg/max/stddev = 131.555/131.555/131.555/0.000 ms  


HackingGuy in ~ ? ping -c 1 defendtheweb.net  
PING defendtheweb.net (85.10.194.253): 56 data bytes  
64 bytes from 85.10.194.253: icmp_seq=0 ttl=52 time=131.617 ms  
--- defendtheweb.net ping statistics ---  
1 packets transmitted, 1 packets received, 0.0% packet loss  
round-trip min/avg/max/stddev = 131.617/131.617/131.617/0.000 ms  

The challenge is just down for the moment.

FAllenValkyrie
3 years ago

0

yeah I thought so.

lastw
3 years ago

0

Hey, is it still offline?


0

checked it yeah it’s still offline

cabba
3 years ago

0

Been stuck with this level for a week now, happy to confirm the level is down.

Reply has been removed
Luke [flabbyrabbit]
3 years ago

3

Apologies, I had realised this level wasn’t functioning correctly.

It has now been fixed and you should be able to complete the level :)

heyNaman
a year ago | edited a year ago

0

Hello, all of you lovely peeps.
Totally stuck on this one, any clue on how to proceed after nmap ?
It’s me first time asking fr help here, pls assist a brother out !


0

if you got the port, the hard part is done. just telnet the port on the defend the web host.

ian.ortiz
a year ago

0

Any clues on what could be a “suspicious” service/port? nmap is just listing Internet protocols stuff.


1

well… for example, the standard http port(80) is NOT suspicious since this is a server for a website. Really anything that isn’t a commonly used port. also if you don’t find anything the first time, try again. NMAP can be weird :/

ian.ortiz
a year ago | reply to #91862

0

Thanks! Scanning again actually did the trick!


0

Ok! good job :)

hardtokill406
a year ago

0

I am still stuck on map it, I have done multiple nmap scans and am aware of the open ports. However I can’t find a way to connect to the ports to get any more information, and can’t find any info on forums or google…


0

just telnet into the right port


0

just telnet into the right port

Zbell [zbell]
a year ago

0

Hi, should it work now?

🐉 [Cheerfulbull]
a year ago

0

yes, and it has for ages

Zbell [zbell]
a year ago

0

thanks! Mapping results are very erratic, though. Finally got in.

h4ck1ngh1x1
a year ago

0

Having trouble. Telneted to the site but can’t find anyhting. Any help?


0

Are you sure you have the right port?

Reply has been removed
Jacob [Berkeley]
a year ago

0

Hey, that’s weird, I spend so much time doing port scanning and nothings differents, only two ports.. Did I do a mistake ?


0

When i do a port scanning i get that there are 3 ports open. From those three there is only one of them that could be telneted. Maybe i’m scanning the wrong IP. Well I’m scanning with nmap defendtheweb.net

🐉 [Cheerfulbull]
a year ago

0

Anyone who thinks they’ve got it can PM me the port

Zbell [zbell]
a year ago

0

For me it helped scanning smaller ranges, not going for all possible ports in one scan but dividing..

laflamablanka
5 months ago

0

So I’ve just completed this level as well, took forever and went down multiple paths and I learnt some stuff that I am sure I can apply to future challenges. You really need to do multiple nmap scans to complete this challenge. Check out the nmap website for the book and read through it to understand what it does and then keep trying out different scan techniques and you will eventually get it. Here’s a link to the book if it wasn’t already posted and gl and don’t give up - https://nmap.org/book/toc.html

You must be logged in to reply to this discussion. Login
1 of 39

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss