BLUE: HACK THE BOX (HTB)


Summary

The vulnerability on this machine is only found if you are comfortable with Nmap; if you are not, use Nmap's help command or its GUI version, Zenmap.

The first thing I do is run an Nmap scan on the target to see which ports are open.

SMB is always an easy loophole to exploit, so let’s enumerate that further, and see if this box is vulnerable to any known exploits.

It seems that this box is running Windows 7, and it’s vulnerable to MS17-010 / CVE-2017-0143. Let’s use a searchsploit search, which shows us that there are several popular exploits.

We now fire up Metasploit and search its modules for MS17-010. We choose the EternalBlue exploit, and we set the correct options to run it.
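For defenders, the same scan result can drive patch triage. The following is an added example, not part of the original write-up: it parses Nmap XML output and lists hosts where the `smb-vuln-ms17-010` script reported a vulnerable state. The sample XML is constructed, and the function name `ms17_010_findings` is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like `nmap -oX` output (documentation-range addresses).
SAMPLE_XML = """<nmaprun>
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <hostscript>
      <script id="smb-vuln-ms17-010" output="VULNERABLE">
        <table key="CVE-2017-0143">
          <elem key="state">VULNERABLE</elem>
        </table>
      </script>
      <script id="smb-os-discovery" output="Windows 7">
        <elem key="os">Windows 7 Professional 7601 Service Pack 1</elem>
      </script>
    </hostscript>
  </host>
  <host>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <hostscript>
      <script id="smb-os-discovery" output="Windows 10">
        <elem key="os">Windows 10 Pro 19045</elem>
      </script>
    </hostscript>
  </host>
</nmaprun>"""


def ms17_010_findings(xml_text):
    """Return [(ip, os, [cve, ...])] for hosts the script flagged as VULNERABLE."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        ip = addr.get("addr") if addr is not None else "unknown"
        os_elem = host.find(".//script[@id='smb-os-discovery']/elem[@key='os']")
        os_name = os_elem.text if os_elem is not None else "unknown"
        for script in host.iter("script"):
            if script.get("id") != "smb-vuln-ms17-010":
                continue
            # Each finding is a <table> keyed by CVE with a nested "state" element.
            cves = [t.get("key") for t in script.findall("table")
                    if (t.findtext("elem[@key='state']") or "").startswith("VULNERABLE")]
            if cves:
                findings.append((ip, os_name, cves))
    return findings


if __name__ == "__main__":
    for ip, os_name, cves in ms17_010_findings(SAMPLE_XML):
        print(f"{ip}\t{os_name}\t{','.join(cves)}\tapply MS17-010 patch, disable SMBv1")
```

Hosts that appear in the output should receive the MS17-010 update and have SMBv1 disabled.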

Now that we have our options set, we can run it and get our shell.

Let’s GOOOOO, it’s ROOT

Writer: Harsh is a Penetration testing student at Azure Skynet. You can contact him here.
