PentaHex

Backdoor? (30) - Clearsoc


The OwnForAll site claims they placed a backdoor on the clearsoc site. Can you check and connect to whatever else is running on the clearsoc site?


A backdoor is a port that is open and can be used to access things. I did an nmap scan (in bash) of the site to find all open ports.

All the ports, such as 80, 443, and 8080 I recognized, but port 7070 stood out. I used netcat to connect to it, like the problem description stated.

nc clearsoc.hsf.csaw.io 7070

Yes! The output is the flag!

flag{that_aint_g0pher}