Hack The Box: Lame

Difficulty: Easy (LAME)

Machine Creator: ch4p

Tools Used:
NMAP
Metasploit

Network Enumeration
Let’s start with an NMAP scan of the server to see what ports are open.

The NMAP results returned 5 open ports lets do a more in-depth scan and see what services are running.

I’ve checked port 21 running vsFTPd 2.3.4, and this was not exploitable. Moving on to port 445 we see samba 3.0.20-Debian.

After checking on Exploit-DB, we can see 2 possible vulnerabilities.

Using Metasploit exploit multi/samba/usermap_script we now have a reverse shell with root.

Root.txt

User.txt

Previous post
Hack The Box: Beep