Hackthebox Walkthrough — Lame
I have been taking the PWK courses and preparing for the OSCP exam recently, and I got a lot of inspiration from many Hackthebox machines besides the PWK labs. So I decided to start writing walkthroughs of some retired Hackthebox machines (inspired by hackingarticles, infosec, ippsec's YouTube videos, etc.; thanks for all of these amazing penetration testing materials!).
Target: 10.10.10.3
Local IP: 10.10.14.2
Nmap Enumeration:
First we run an Nmap scan to see which ports are open.
We see that port 21 (FTP) is open. It is running vsftpd version 2.3.4.
As we know, vsftpd 2.3.4 has a built-in backdoor.
We found a Metasploit module, but it doesn't work this time.
Nmap also reveals that the server is running a considerably old version of Samba.
We Google the Samba CVE.
We try this exploit and get a working Meterpreter session.
Checking our privileges, we are root!
Let’s grab our user.txt and root.txt flags!