CTF WriteupsHackthebox Writeups

Lame hackthebox walkthrough

Hackthebox machines writeups

Lame Hackthebox Walkthrough


I will start today publishing my own write-ups for retired machines on Lame hackthebox platform, which is one of the best online VPN-based platforms for Boot2Root CTF machines.

In this article you will learn the following:

  • Using nmap to find opened ports & running services.
  • Searching for public exploits for vulnerable services.
  • Download & installed required libraries to run exploit.
  • Getting nc reverse shell.

The selected machine will be Lame which is a Linux based machine with IP address (You can play with this machine if you are subscribed for VIP Labs only).

Scanning the machine, I found that it has the following open ports and running services (21 ftp, 22 ssh, 139 & 445 samba).

Searching for the ftp service which runs vsftpd 2.3.4 I found that it’s vulnerable to RCE. After trying to exploit it I found that I can not get shell (even using metasploit).

So, I start trying the other services. By searching for samba 3.0.20, I found that it’s vulnerable to RCE. So, searching the web using the CVE code i found that someone wrote a python script to exploit this vulnerability. Actually, I don’t like to use the metasploit exploit to those who are trying to pass the OSCP exam to increase their skills.

I downloaded this exploit and installed the prerequisites and after that run the script and I got a reverse shell on my Kali Linux machine.

Actually, this machine is for noobs and beginners and has no complexity.

I hope you enjoyed and learn new thing in pen-testing field. If you have an question or comments, please write them down in the comments and wait for the next writeup ­čśÇ


Lame Hackthebox Walkthrough


Unknowndevice64:1 vulnhub walkthrough

W34kn3ss:1 vulnhub walkthrough

Zico2:1 vulnhub walkthrough

DC-1: 1 vulnhub walkthrough


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button