@f3r
Created April 8, 2015 03:29
WDI-HK-7::HackerMission

Mission Brief

Morning 007s.

Your mission, should you choose to accept it, is to identify and eliminate the hacker who breached our secure data centers.

The identities of all your fellow WDI agents will be exposed, and they will all be in great danger if we don't react fast.

Our security records show the following access to the servers:

Server Access Log

********************************************************************************************
* Server: //H4rry-Web3.wdiLovesBond.ga
* File:   /var/log/nginx/access/20150407-2.log
********************************************************************************************
*
*         ________   ________    _________  ____________;_
*         - ______ \ - ______ \ / _____   //.  .  ._______/
*        / /     / // /     / //_/     / // ___   /
*       / /     / // /     / /       .-'//_/|_/,-'
*      / /     / // /     / /     .-'.-'
*     / /     / // /     / /     / /
*    / /     / // /     / /     / /
*   / /_____/ // /_____/ /     / /
*   \________- \________-     /_/
*
* 2015-04-07 04:32 |                          SYSTEM BREACH ALERT.  IP Detected 72.21.92.59
*
********************************************************************************************

Server Error Log

********************************************************************************************
* Server: //f3r-is-the-hacker.wdiLovesBond.ga
* File:   /var/log/nginx/error/20150407.log
********************************************************************************************
*                                                              http://towel.blinkenlights.nl
*
*
*
*                                        ,-/o"O`--.._      _/(_
*                                  _,-o'.|o 0 'O o  O`o--'.  e\
*                  (`o-..___..--''o:,-'  )o /._" O "o 0 o : ._>
*                   ``--o___o..o.''     :'.O\_ ```--.\o .' `--
*                                          `-`.,)      \`.o`._
*                                                       `-`-.,)****>> Follow the Repo --->>>
*
********************************************************************************************

MISSION OBJECTIVES

Your objective is to identify the hacker who breached our systems, and save all our fellow classmates from a terrible death. We count on you!

1. Seek the Hacker's Location

First, we must figure out which city in the world that IP address is located in. Fast!

2. Access the Website

There is a website in the logs (http://towel.blinkenlights.nl). What does it contain?

3. Find a Back-Door

Dead end. We can't access his server, so we will have to find a way around it. We know that a server can have many ports, and each port is the entry gate for a different service.

Since the webserver doesn't give us any information about the hacker, we will need to dig deeper.

  1. Please install Nmap ("Network Mapper") with Homebrew
  2. Find the IP address of towel.blinkenlights.nl
  3. Run Nmap, a free and open source utility for network discovery and security auditing. To run it, simply call nmap IP_ADDRESS

4. Services Analysis

We should see a list of open services in the output from nmap. Please describe exactly what each of the open services does.
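As an added example (not part of the original gist), the script below picks the open ports out of nmap's default output and notes what each service does. The scan text is a constructed sample for the documentation address 192.0.2.10, not output from the host in this mission, and the function names are hypothetical.

```sh
#!/bin/sh
# Constructed sample of nmap's default output for a documentation address.
# It is NOT a scan result for any host named in this mission.
sample_scan() {
cat <<'EOF'
Nmap scan report for host.example (192.0.2.10)
Host is up (0.21s latency).
Not shown: 996 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
23/tcp   open     telnet
80/tcp   open     http
8080/tcp filtered http-proxy

Nmap done: 1 IP address (1 host up) scanned in 12.31 seconds
EOF
}

# Read nmap output on stdin; print "PORT/PROTO SERVICE" for each open port.
open_services() {
  awk '
    $1 == "PORT" && $2 == "STATE" { in_table = 1; next }  # table header row
    in_table && NF == 0           { in_table = 0 }        # blank line ends it
    in_table && $2 == "open"      { print $1, $3 }
  '
}

# Add a one-line description per service (hypothetical helper; small subset).
annotate() {
  while read -r port svc; do
    case "$svc" in
      ssh)    note="encrypted remote login" ;;
      telnet) note="remote login, cleartext (passwords readable on the wire)" ;;
      http)   note="web server, cleartext" ;;
      https)  note="web server over TLS" ;;
      *)      note="not in this list: look the port up in /etc/services" ;;
    esac
    printf '%-9s %-8s %s\n' "$port" "$svc" "$note"
  done
}

sample_scan | open_services | annotate
```

With a real scan, pipe nmap's output into `open_services | annotate` instead of `sample_scan`.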

5. TELNET

Please access the hacker's server using the Telnet protocol.

Good Luck. This message will self-destruct in 10 SECONDS.