Prenote: As all of these challenges were similar, we decided to combine these under one page.

nmap all ports to see port 4994 is open, just nc to it to get flag

Going back to port 324 (ftp)
the flag is in .../.../.flag

curling port 22 robots.txt gives you a string in base58, decode to get /clue3349203.txt, curl that to get a lot of jsfuck, decode that to get an employee id, and then use that on port 4994 to get the flag

if we scan port 324, we can see it is an ftp server, which allows anonymous login.
ls -a ing gives us a ... dir (wow thanks hq), and then cding into it and ls -a ing again gives us a .stayhidden file. reading this gives us another employee id, which we can use to login to port 4994 again.

nmap, see http port on port 22, curl it to get flag

Last modified 2yr ago
Export as PDF
Copy link
On this page
Flag 1
flag :zh3r0{pr05_d0_full_sc4n5}
Flag 2
flag: zh3r0{You_know_your_shit}
Flag 3
flag: zh3r0{y0ur_b0nu5_i5_p4id}
Flag 4
flag: zh3r0{y0ur_s4l4ry_wa5_cr3dit3d}
Flag 5