@davidcp said:
Hi guys,
I have seen through this discussion that I need to start by using Nmap because it shows you the first piece of information that is going to help me solve this challenge but, to be honest, I do not know what I am looking for. I see the machine has 3 open ports, I see the version of the services that are running on the machine, I see the methods supported by the webserver, but I do not see anything that can help me get the G page everyone is talking about. Any hint would be really appreciated.
Ok first - this is not an easy box really. I know it is rated easy but it isn’t.
I strongly suggest you work through the starting point boxes before you move on to this, or even some of the stuff at https://academy.hackthebox.eu/. The reason I suggest this is that you may need some practice on the methodologies and most of the machines in the live category don’t really provide this.
Failing that, look at what output nmap has given you. Go to the places it tells you are open. For example, if it says a web server is running, visit it in a web browser.
If nmap says its using a domain name, add that to your hosts and visit it in a browser.