Bandit Level 16→ Level 17

Introduction

In this level of the OverTheWire Bandit challenges, we'll learn how to scan for open ports and establish an SSL connection to retrieve the flag for the next level.

Previous Flag

Flag: JQttfApK4SeyHwDlI9SXGR50qclOAil1

Step 1: Scanning for Open Ports

Begin by using the nmap command to scan for open ports on the local machine. We're particularly interested in ports within the range of 31000 to 32000.

nmap -vvv -p 31000-32000 -Pn -n localhost

The output will identify which of these ports are open and may provide additional details about the services running on them.

Step 2: Scanning Specific Ports

After identifying open ports, proceed to scan specific ports for additional information. We'll use the nmap command again with specific ports: 31046, 31518, 31691, 31790, and 31960. We'll also include service and script scanning for comprehensive information.

nmap -p31046,31518,31691,31790,31960 -vvv -sC -sV -n -Pn localhost --min-rate=5000

This command will provide detailed information about the services running on these ports.

Step 3: Establishing an SSL Connection

Once we identify that port 31790 is open with an openSSL service running on it, we will use the openssl command to establish an SSL connection to that port:

openssl s_client localhost:31790

This will initiate an SSL/TLS session, and the login flag for the next level will be displayed as an RSA key: