## Knock
Port scan, find list of ports. Hint on port 3389, a "main" webserver at port 80 and different webservers at the following ports, all returning a static website. Combining the hint, and sorting the port numbers (sans 80 and 3339), we get the flag with the script below. All the ports were within ASCII range.

```python
port_sort = [48, 49, 51, 52, 89, 95, 100, 101, 104, 105, 108, 110, 111, 114, 116, 117, 122, 123, 125]

# From the hint
order = [(0, 4), (1, 16), (2, 2), (3, 11), (4, 6), (5, 9), (6, 15), (7, 14), (8, 1), (9, 12), (10, 13), (11, 10), (12, 7), (13, 3), (14, 17), (15, 8), (16, 0), (17, 5), (18, 18)]

flag = [0]*19
for flag_ix, index in order:
print(flag_ix, index)
flag[index] = chr(port_sort[flag_ix])
print(''.join(flag))
```

Flag `zh3r0{You_n4iled1t}`

Original writeup (https://github.com/bootplug/writeups/blob/master/2020/zh3r0-CTF/writeups.md#knock).