Starting Point NMAP error

Hi, i’m trying to complete the Starting Point machine but i got stuck…

after connect with: sudo openvpn x-startingpoint.ovpn i got this message:

Mon Nov 2 16:25:42 2020 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Mon Nov 2 16:25:42 2020 Initialization Sequence Completed

After this i open a new terminal and write:

ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.27 | grep [1] | cut -d ‘d’ -f 1 | tr ‘\n’ ‘,’ | sed s/,$//)

and:

nmap -sC -sV -p$ports 10.10.10.27

the terminal return this:

Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-02 16:43 EST
Error #487: Your port specifications are illegal. Example of proper form: “-100,200-1024,T:3000-4000,U:60000-”
QUITTING!

I tried to put only nmap and I got it:

Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-02 16:49 EST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.05 seconds

what can i do?


  1. 0-9 ↩︎

@ju40666 said:

what can i do?

The problem is in the script - I am not sure why HTB recommends this to new people / starting point users.

What appears to have happened is that the first nmap (trying to set the $ports) hasn’t returned clean results, but because of the way it works you cant trouble shoot it.

Try this:

nmap -Pn -sC -sV --min-rate=1000 -T4 -p- -vvvvvvv 10.10.10.27

At least if it fails you can see more useful output.

I’d also suggest getting used to what each switch means. Nmap is a super useful and super powerful tool. You will use it a lot.

Regarding the “host seems to be down” message.

Double check your really are on the VPN - go to the access page and check what your IP is and what VPN it has connected you to.

I would just like to point out that there is no need for the min rate & T4 - they’re contradictional are they not? , and the -vvvvvvv is also unnecessary so this is (was)enough (forme) :
nmap -Pn -sC -sV -T4 -p- 10.10.10.27

One of the best defensive measures against scanning is a well-configured firewall. Rather than simply obfuscate the network configuration, as some techniques described later do, well-configured firewalls can effectively block many avenues of attack.

Regards,
Rachel Gomez