When you get onto a network, there is no way to know what's out there. Even on networks where you think you know what's there, like your home network... you don't know. 👽

Mapping a basic network

If your goal is to attack a network, you'll want to know what computers are on it and what services (e.g. HTTP, SMTP, DNS) they are running. The most popular tool for this is the venerable nmap network mapper.

While connected to the Stop and Listen challenge, mentioned in the Network Sniffing section, run the following command. (If you get a permissions issue, you might use sudo or check out Running without sudo)

$ nmap -sn 172.30.0.0/28

nmap has a lot of options; nmap -sn runs a quick "ping scan" that only detects which other computers are on the network, without scanning their ports. 172.30.0.0/28 is the IP address range in CIDR notation: the first 28 bits are the fixed network prefix, leaving 4 bits for the host part, so the block covers the 16 addresses 172.30.0.0 through 172.30.0.15 (.0 is the network address and .15 the broadcast address; .1 through .14 are the usable host addresses, though nmap will probe all 16). nmap -sn sends a basic probe to each address in that range and reports which ones responded. On a directly attached Ethernet segment nmap uses ARP requests for this, which a host can't really ignore; when the targets are reached some other way, as through an OpenVPN tunnel here, it falls back to ICMP echo, a TCP SYN to port 443, a TCP ACK to port 80 and an ICMP timestamp request (the TCP ones become plain connect attempts to ports 80 and 443 when not running as root). [1]

<aside> ✅ Try running nmap -T4 on your home network IP address range (only scan networks you own or have permission to test) and take a moment to see what you can parse from the results.

</aside>

Looking for vulnerable services

Connect to the Stuck in the Middle challenge. Refer back to How to CTF if needed.

<aside> ⚠️ Before connecting to the new challenge, Stuck in the Middle, make sure to disconnect from the previous challenge by exiting openvpn.

</aside>

Feel free to open Wireshark again here, but don't be surprised if you don't see anything.

In order to figure out what hosts are on the network, run:

# -T4 makes the scan run more quickly
$ nmap -T4 172.30.0.0/28

By scanning the network you discover which hosts are up and, because this run omits -sn, which of the 1,000 most common TCP ports are open on each of them (nmap uses a SYN scan when run as root and a full TCP connect scan otherwise). Those open ports are the services we might attack. In the next section, Man-in-the-middle Attacks, we'll discuss how to attack them.
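To turn a scan like the one above into an actual target list, it helps to have nmap write its "grepable" output (add -oG - to the command to get it on stdout, or -oG file to save it) and pick out the open ports programmatically. The following is an added example written for this page, not part of the original tutorial or of nmap itself: it expands the 172.30.0.0/28 block from the earlier section into its network, broadcast and usable addresses, parses a constructed sample of -oG output (made up here, not a capture from the challenge network) into open ports per host, and flags the services that normally run in cleartext. The CLEARTEXT_SERVICES watchlist is this example's own choice, not an nmap feature.

```python
import ipaddress


def cidr_addresses(cidr):
    """Expand a CIDR block into (network address, broadcast address, usable hosts)."""
    net = ipaddress.ip_network(cidr, strict=False)
    hosts = [str(h) for h in net.hosts()]
    return str(net.network_address), str(net.broadcast_address), hosts


# Constructed sample of nmap's "grepable" output (nmap -oG -) for a scan like
# the one in the text. It is made up for this example, not a real capture.
SAMPLE_OG = """\
# Nmap 7.94 scan initiated as: nmap -T4 -oG - 172.30.0.0/28
Host: 172.30.0.2 ()\tStatus: Up
Host: 172.30.0.2 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///\tIgnored State: filtered (997)
Host: 172.30.0.3 ()\tStatus: Up
Host: 172.30.0.3 ()\tPorts: 25/open/tcp//smtp///, 53/open/tcp//domain///\tIgnored State: closed (998)
Host: 172.30.0.4 ()\tStatus: Up
# Nmap done -- 16 IP addresses (3 hosts up) scanned
"""


def parse_greppable(text):
    """Return {ip: [(port, protocol, service), ...]} listing open ports only.

    Each "Ports:" entry has the form port/state/proto/owner/service/rpcinfo/version/
    so splitting on "/" puts the state at index 1 and the service name at index 4.
    Hosts that are up but show no open ports still appear, with an empty list.
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip the "# Nmap ..." banner and footer lines
        fields = line.split("\t")
        ip = fields[0].split()[1]
        hosts.setdefault(ip, [])
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.split("/")
                port, state, proto, service = parts[0], parts[1], parts[2], parts[4]
                if state == "open":
                    hosts[ip].append((int(port), proto, service))
    return hosts


# Illustrative watchlist chosen for this example (not something nmap provides):
# services that usually carry credentials or content in cleartext, which is
# what the next section's man-in-the-middle attacks go after.
CLEARTEXT_SERVICES = {"http", "ftp", "telnet", "smtp", "pop3", "imap"}


def cleartext_targets(hosts):
    """List (ip, port, service) for every open port running a watchlisted service."""
    found = []
    for ip, ports in hosts.items():
        for port, _proto, service in ports:
            if service in CLEARTEXT_SERVICES:
                found.append((ip, port, service))
    return found


if __name__ == "__main__":
    network, broadcast, usable = cidr_addresses("172.30.0.0/28")
    print(f"network {network}, broadcast {broadcast}, {len(usable)} usable hosts")
    scan = parse_greppable(SAMPLE_OG)
    for ip, ports in scan.items():
        print(ip, ports or "up, no open ports found")
    print("cleartext targets:", cleartext_targets(scan))
```

Run against real output by replacing SAMPLE_OG with the contents of the -oG file; a host that answers the ping probes but shows no open ports in the top-1000 list is still worth a closer look with -p- (all 65,535 TCP ports) before writing it off.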

Next:

Man-in-the-middle Attacks