../

     

Netcat and the XR2000 game

The game

Recently I stumbled upon a puzzling web post Challenge: XR2000. The post start by describing a few programming game and challenges. Then without any further instructions, the challenge itself is stated as:

To get started:

$ nc clearsky.dev 29438

Try it yourself. The nc command should be installed or available in all GNU/Linux distributions. The package may be called netcat or netutils. Below is the result, but try it yourself.

SPOILER AHEAD

Here’s what happen if you run the command above:

$ nc clearsky.dev 29438  
AXR2KPxr2000.leo.spacenet:send a single 0 byte followed by
   'XR2K' for documentation.

If you are stuck with this second step, read below.

A large rusty sattelite dish.

Copyright © Alexandros Giannakakis, 2021.

The netcat command

netcat is an awesome command that allows to send or receive any data trough the network using TCP or UDP. There exist many versions and flavours of this shell command. All my examples below are in GNU-netcat.

Here are some useful tricks.

Example 1: file exchange

Suppose you want to send a file to another computer (you must now the receiving computer IP, which must be rootable).

From the receiving end:

$ nc -l -p 9876 > my_huge_file.pdf

The options means to listen (-l) on port (9876). The command will hang until data is received. Output will be redirected to my_huge_file.pdf.

On the sending end:

$ nc 10.9.8.7 9876 < my_huge_file.pdf

Here 10.9.8.7 is the address of the receiving host, and 9876 the receiving port set above.

Example 2: Echo server

You can easily implement an echo server. Ideal to debug a client for instance, or to check that you have correct network connectivity. Just run:

$ nc -l -p 4242 -e '/bin/cat'

Here netcat listens on port 4242, as soon as a connection is accepted, it runs the /bin/cat which mirrors every requests with an identical response.

Test it with:

$ nc localhost 4242 #Type any thing after connection

Further examples

Here are some pointers:

And don’t forget to RTFM.

Second step of XR2000 challenge

If you are stuck after getting the first message, read below. But try hard before, it will be more satisfying…

SPOILER AHEAD

So the last instructions where:

“…send a single 0 byte followed by ‘XR2K’ …”

We will just use netcat again. To compose the request string we will use echo:

$ nc echo -e "\0XR2K" | nc clearsky.dev 29438 
# ... long answer incoming ...

The flag -e tells echo to interpret the backslash escape sequence. Here \0 will then be interpreted as a single 0 byte, as requested.

Have fun…