 Hello everybody and welcome back to another video. My name is John Hammond And I'm showcasing some more of the really simple and small challenges from the echo party or eco party CTF for 2016 I honestly still don't know how to pronounce the name of the CTF. I prefer echo party, but whatever I want to show off web 50. I again, I haven't solved a whole lot of challenges And these are all the simple ones and the small ones that I have but I want to showcase them and give them to you So this one is asking to get get just the basic information from the server and the CTF echo party dot org The challenge title is RFC 7230. We could if you wanted to Google that and figure out what it is You can see I have visited this page already and it looks like it's just a simple page or RFC Defining what the hypertext transfer protocol or HTTP is so I read through this and it didn't particularly give me a whole lot of hints and a good lead anywhere but I Continued to move on and I actually tried to throw some simple like reconnaissance and web application testing stuff like tools at the URL and I actually ended up doing it with Nikto But I we're trying to keep like a list of the tools that we end up using So I want to Show that to you it should be public so You see GA tools and there's a list of some stuff that I try to archive And one of them that we have on there is Nikto, but it's under the reconnaissance Utility and the same thing with netcraft which apparently a friend of mine solved this challenge by using netcraft So I'll showcase that too, but you can use Nikto Terminal here and you can specify the host dash H and will specify Hgt echo party and you'll see immediately it finds Some information and in our case, okay the server area that that information field is does have our flag in it echo This is my great server so super easy again You just kind of take advantage of using the tool and doing some simple reconnaissance on the on the web server on the web page But again, we could do that with netcraft just like I had noted in In our archive of tools here and a friend of mine told me that he solved it this way So you can supply the URL that you want to give it and it can do a little bit of scanning Eventually in the SSSL sorry SSL portion. It does find oh the server here The flag again, you can see the flag format echo. This is my great server So you would go ahead and be able to submit that get your 50 points and you'd be wrong But want to showcase it to you simple stuff I just use the Nikto tool and netcraft it does some good reconnaissance and finds what we need in our case the flag So alrighty. Thanks again for watching guys. I hope to show you some more stuff again simple But I want to showcase it off to you in a later video. Talk to you soon