Posted on

HTB Lame

Run a nmap scan to find for open ports.

Examined the Anonymous FTP login but no clues inside

The smb version is 3.0, use searchspolit to find for exploit.

The username map script command execution looks interesting.

Start up metasploit.

Use the usermap_script.
Set up the options and run the exploit.
Session is gained.

Head to the makis directory to find the user flag.

Then head to the root folder to find the root flag.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s