Hack The Box: Lame Write-up
First lets scan the machine to find available vulnerabilities with nmap tool
run the following code:
From the above enumeration, We can see that Port 21(FTP vsftpd 2.3.4), Port 22(ssh), Port 139(netbios-ssn), Port 445(netbios-ssn) and Port 3632 are open.
Ftp port can be exploited by vsftpd 2.3.4 exploit via metaspoilt but this time I will use the manual way.
lets try to use the smbclient, mostly known where a common vuln can be noticed at tmp directory that is set to be accessed by anonymous access :
As seen below, the tmp directory has read and Write access , which is a vulnerability
Set Netcat listener on your attacker and set the shell interactive after obtaining access after the listener is connected to the target box:
python -c ‘import pty; pty.spawn(“/bin/bash”)’
once SMB shell is opened from a target box, set the reverse shell
Capture the Flag, woop woop,