twitter

Hack The Box: Lame

Difficulty: Easy (LAME)

Machine Creator: ch4p

Tools Used:
NMAP
Metasploit

Network Enumeration
Let’s start with an NMAP scan of the server to see what ports are open.


The NMAP results returned 5 open ports lets do a more in-depth scan and see what services are running.


I’ve checked port 21 running vsFTPd 2.3.4, and this was not exploitable. Moving on to port 445 we see samba 3.0.20-Debian.


After checking on Exploit-DB, we can see 2 possible vulnerabilities.


Using Metasploit exploit multi/samba/usermap_script we now have a reverse shell with root.

Root.txt

User.txt