Sat. Oct 24th, 2020

Pentesting Fun Stuff

following the cyber security path…

HTB: Lame

Introduction

This is a machine from hackthebox.eu. According to the HTB policy, I can publish this write-up since the machine is ‘retired’.

Enumeration

Starting with a portscan.

At first sight I would think that my entry point is the FTP service running on port 21. This particular version has an intended backdoor and is easily accessible from the outside. Oddly enough, after several tries this known backdoor isn’t responding. Time to check on the next possible vulnerability.
After checking exploit-db, it seems this Samba version is vulnerable.

And there is the needed hash to prove I own this box.
 
