
Lame Hackthebox Walkthrough

 

Today I will start publishing my own write-ups for retired machines on the Hackthebox platform, which is one of the best online VPN-based platforms for Boot2Root CTF machines.

In this article you will learn the following:

  • Using nmap to find open ports & running services.
  • Searching for public exploits for vulnerable services.
  • Downloading & installing the libraries required to run the exploit.
  • Getting an nc reverse shell.

The selected machine is Lame, a Linux-based machine with IP address 10.10.10.3 (you can play with this machine only if you are subscribed to VIP Labs).

Scanning the machine, I found that it has the following open ports and running services (21 ftp, 22 ssh, 139 & 445 samba).

Searching for the ftp service, which runs vsftpd 2.3.4, I found that it’s vulnerable to RCE. After trying to exploit it, I found that I could not get a shell (even using Metasploit).

So, I started trying the other services. By searching for samba 3.0.20, I found that it’s vulnerable to RCE. Searching the web using the CVE code, I found that someone wrote a Python script to exploit this vulnerability. Actually, I don’t like to use the Metasploit exploit, for the sake of those who are trying to pass the OSCP exam and increase their skills.

I downloaded this exploit, installed the prerequisites, then ran the script and got a reverse shell on my Kali Linux machine.

Actually, this machine is for noobs and beginners and has no complexity.

I hope you enjoyed this and learned something new in the pen-testing field. If you have any questions or comments, please write them down in the comments and wait for the next writeup 😀

 


Mohammed Khreesha

I'm a Computer Engineer with 13 years of experience in the Computer and Information Technology fields, especially in the info-sec field. I also have 13 years of experience as a freelance instructor in Ethical Hacking, Secure Web Development, Penetration Testing and Security Awareness. I have the following certificates: CEH, CHFI, ECSA, LPT Master, & ISO 27001 LI. #Co-Founder of Technawi[dot]net blog March 2014. #Founder of Jordan Info-sec Days periodic events August 2015, February 2016. #Founder of Jordan Info-sec CTF hacking competition April 2017, March 2018, & November 2018.
