Starting Point [HTB]

edited March 26 in Machines

Hi, am new this.

I have downloaded the vpn and got connect to it.
after connecting we need to do nmap on the mentioned target IP address..

i tried to do that, but it is not working for me..

Can anyone please guide me here

«1345

Comments

  • Hi,

    What is not working? The VPN or the scan? I'm assuming it's the VPN connection.

    You should see this in the terminal you use to run openvpn.

    Thu Mar 26 09:04:44 2020 Initialization Sequence Completed
    

    After which, you can run ifconfig and see if the interface tun0 is up.

    limbernie
    Write-ups | Discord - limbernie#0386

  • Same here, the VPN seems to be up and running, ifconfig gives me tun0, I run the commands that the guide tells me and nmap gives me 'All 1000 scanned ports on x.x.x.x are closed. it's driving me mad here

  • also here. VPN is running (Initialization Sequence Completed), machine is assigend to me but sudo nmap -sC -sV -Pn 10.10.10.X leads to:

    All 1000 scanned ports on 10.10.10.X are filtered

    Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up)

    Different scan, different machine, same result. Any ideas?

  • edited March 31

    i have this same issue. i do see Initialization Sequence Completed when i successfully connect to the VPN, but i'm unable to run the nmap scan. Any help will be much appreciated.

    After running nmap, i get the following error.

    Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 13:09 EDT
    Error #487: Your port specifications are illegal. Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"
    QUITTING!

  • Anyone able to find solution?

    I am new to HTB and facing the same issue. I am successfully connected to vpn and i can see ip asssigned to my tun0 , but when i run nmap it always shows ports as filtered.

    I have tried modifying .ovpn file to tcp 443 but no success. I see route for 10.10.10.0/24 subnet towards 10.10.14.1 but i am not able to ping any of the machine.

    systemctl status ufw shows inactive.

    any help will be much appreciated as i am stuck on this from past 9-10 hrs.

  • Type your comment> @999zauberer999 said:

    All 1000 scanned ports on 10.10.10.X are filtered

    Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up)

    I get the same thing doing nmap scans. My issues comes from running the given command:
    nmap -sC -sV -p$ports 10.10.10.27

    Ends up with this result:

    Error #487: Your port specifications are illegal. Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"
    QUITTING!

    Any ideas?

  • edited March 31

    I'm getting the same problem after running the following on Kali Terminal:

    ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.27 | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)

    nmap -sC -sV -p$ports 10.10.10.27

    I am already connected using the ovpn file. Have tried rebooting my VM and regenerating the ovpn file.

  • Are you guys running the scan from root?
    Try sudo su first.

  • Type your comment> @DemiScuzz said:

    Are you guys running the scan from root?
    Try sudo su first.

    Yup

  • same problem here.
    Error #487: Your port specifications are illegal. Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"
    QUITTING!

    i just updated nmap to 7.80 but this didnt solve the problem either

  • So I ended up using this command:

    nmap -sC -sV -p- 10.10.10.27

    Instead of nmap -sC -sV -p$ports 10.10.10.27.

    It worked and gave me the open ports.

  • Type your comment> @Buttersauce said:

    So I ended up using this command:

    nmap -sC -sV -p- 10.10.10.27

    Instead of nmap -sC -sV -p$ports 10.10.10.27.

    It worked and gave me the open ports.

    still doesnt work
    i also tried

    nmap -sC -sV -p 1-2000 10.10.10.27

    are u connected to the eu or the usa servers?
    maybe its just the eu servers which doesnt work properly?

  • I have just tried both the EU and US VPNs and am unable to get a response using either

  • US Server. I had a lot of issues yesterday in getting the ports to show up in scans. Regenerated my keys, then tried the command I posted earlier. Started to work. Now I am stuck at another part.

  • Okay, just redownloaded the Starting Point VPN file, for the US and that now works fine.

    Downloading the EU one leaves me unable to ping anything. Guess I'll use the US connection then!

  • Type your comment> @Buttersauce said:

    So I ended up using this command:

    nmap -sC -sV -p- 10.10.10.27

    Instead of nmap -sC -sV -p$ports 10.10.10.27.

    It worked and gave me the open ports.

    Yup, i tweaked the nmap command as well and it worked.

  • I am running into a problem getting ps1.shell to the victim machine from my local machine. The victim says that it cannot connect to my machine, though I can connect to the victim. As far as I can tell, I have not missed any instructions, even resorting to just copy-pasting them. What might I be missing to get past this step in the instructions?

  • Nevermind. It was fatigue and something really dumb. It was misconfigured networking on my end.

  • edited April 6

    For me, I am connected just fine. I did the initial command "ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.27 | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)" but when I try to follow along after, I am receiving:
    [email protected]:~$ nmap -sC -sV -p$ports 10.10.10.27
    Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-06 19:48 EDT
    Error #487: Your port specifications are illegal. Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"
    QUITTING!

    and when I switch to nmap -sC -sV -p- 10.10.10.27 I get:
    Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-06 19:48 EDT
    Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
    Nmap done: 1 IP address (0 hosts up) scanned in 3.70 seconds

    When I include -Pn, it doesn't resolve. Any ideas? Since it is in the starting point, I'm not sure where to go to turn on a machine, if that's even a thing. I am very new to all of this. I signed up a long time ago, and just started trying my hand at this.

  • edited April 7

    Hey Guys, I am stuck at foothold step. There is a new IP Address I can see in shell.ps1 code and the xp_cmshell call while spawning a reverse shell. Do I need to change the IP to he one that is assigned to my machine by looking at tun0 ?

  • Hello people, can anyone tell me how to unlock starting point machines ??

  • Heard there has been a bunch of issues accessing it. I can connect to the vpn but when i run ifconfig, tun0 is not returning anything not sure why, tried tcp still no prevail. Am unable to ping any of the machines getting real heated.........

  • Definitely a beginner here myself, and maybe this question will show this to be true lol. But following the instructions for this machine, it appears they have us creating a variable named "ports"? However, when I try to create this variable with the command "ports=$(...." as explained in the tutorial and hit return to run the command, it appears the shell just goes to stdin? Can anyone explain why that is? I'm aware just running "-p-" will suffice rather than "-p$ports" but I am curious as to why I am experiencing this?

  • after i've connected to the vpn i can not ping the 10.10.10.27 ip.
    what should i do? at least i should be able to ping the host!
    it seems to be down. any hints?

  • Hi,
    Same here. i didn't see 10.10.10.27 too and think it is down. don't know that i miss something (is that a next challenge and i have to done some other things to connect to this specific host) or just 'something went wrong'. i tried to play with 2-3 other machines, but no success at the moment :smiley: but keep going

  • Type your comment

  • Are the instructions to Starting Point accurate or do we have to figure something out? Im stuck on the enumeration part, at the end trying to open the dtsConfig file. The password that is shown is not working. Am I supposed to be lookin for another way in? Because I can't find one, yet.

  • Type your comment> @skillless said:

    Are the instructions to Starting Point accurate or do we have to figure something out? Im stuck on the enumeration part, at the end trying to open the dtsConfig file. The password that is shown is not working. Am I supposed to be lookin for another way in? Because I can't find one, yet.

    the password is right. i pass this tutorial today. try to change \ with / for mssql command. otherway command is executed with incorrect user (Guest i think)

  • edited April 12

    have you tried to run nmap with -Pn
    nmap -sC -sV -Pn -p- 10.10.10.27
    for me i was pinging the machine and it was saying 'Host Unreachable'
    so -Pn would ignore that and run the scan anyway.
    i also wanted to add that you can only scan the ports you need 135,139,445,1433
    sudo nmap -sC -sV -Pn -p135,139,445,1433 10.10.10.27
    it won't take time this way

  • Type your comment> @IslaMukheef said:

    have you tried to run nmap with -Pn
    nmap -sC -sV -Pn -p- 10.10.10.27
    for me i was pinging the machine and it was saying 'Host Unreachable'
    so -Pn would ignore that and run the scan anyway.
    i also wanted to add that you can only scan the ports you need 135,139,445,1433
    sudo nmap -sC -sV -Pn -p135,139,445,1433 10.10.10.27
    it won't take time this way

    Works, but also the initial way seem to work. However, as also my connection was rather unstable, I had to wait for the reconnection to happen (keep on monitoring the console). Just after the success-message I could shoot some commands and progress.

    Eauxfolles

Sign In to comment.