Posted on

Kioptrix 1

Overview

  • Enumeration will lead to apache mod_ssl and samba 2.2 exploits
  • Both exploits will gain root shell immediately

Enumeration

Run nmap scan to find for open ports.

Port 80 & 443

Run a vulnerability scan with Nikto

Start directory enumeration with dirbuster.

SMB Enumeration

Search for exploits

Samba exploit

https://www.rapid7.com/db/modules/exploit/linux/samba/trans2open/

Exploitation

By metasploit

Exploitation failed. Use a different payload.

Root shell is gained.

Exploitation by manual method

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s