Jump to content

Title: Hack The Box —— Lame

UKhackteam
UKhackteam
in Hacker Cracking / Penetration Testing / Cybersecurity

Featured Replies

Posted

Hack The Box —— Lame

20190810200126.png-water_print

信息搜集与漏洞利用

First go to nmap and scan a wave:

1

nmap -T4 -A -v 10.10.10.3

20190810200151.png-water_print

Four ports were found to be opened.

Search for vsftpd related vulnerabilities, and found that the 2.3.4 version comes with a backdoor. Searching on metasploit, it found that the vulnerability cannot be exploited.

Instead, I looked for the samba 3.0.20 version vulnerability, and found an excellent level vulnerability on msf. Fill in the IP and exploit to execute:

Bounce back to the shell.

20190810200210.png-water_print 20190810200215.png-water_print 20190810200220.png-water_print

获取flag

user.txt

1

cat /home/makis/user.txt

root.txt

1

cat /root/root.txt

  • Quote

    • Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Reply to this topic...
    Go to topic listing

    Important Information

    HackTeam Cookie PolicyWe have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.