IPv6 Sandbox
Shown in Report
Jewel Loggins is standing next to a Terminal.
Objective Image
Back
Challenge
Tools:
* netcat
* nmap
* ping / ping6
* curl

Welcome, Kringlecon attendee! The candy striper is running as a service on                   
this terminal, but I can't remember the password. Like a sticky note under the               
keyboard, I put the password on another machine in this network. Problem is: I               
don't have the IP address of that other host.
Please do what you can to help me out. Find the other machine, retrieve the                
password, and enter it into the Candy Striper in the pane above. I know you                
can get it running again!
Solution

Let’s ping for further IPv6 hosts

ping6 -I 2604:6000:1528:cd:d55a:f8a7:d30a:3 ff02::1%eth0

We have a few candidates

2604:6000:1528:cd:d55a:f8a7:d30a:1
2604:6000:1528:cd:d55a:f8a7:d30a:2
2604:6000:1528:cd:d55a:f8a7:d30a:3
2604:6000:1528:cd:d55a:f8a7:d30a:e405

Let’s see what’s running on that last machine

nmap -6 2604:6000:1528:cd:d55a:f8a7:d30a:e405

Port 80 and 9000 open so we use curl and Netcat to inspect them

curl -6 -g 'http://[2604:6000:1528:cd:d55a:f8a7:d30a:e405]:80/'
netcat -6 '2604:6000:1528:cd:d55a:f8a7:d30a:e405' 9000

The second port gives us the passphrase

see Flag