HackTheBox – Blue

A port scan using nmap reveals that ports 139 and 445 are open, these ports are associated with netbios and smb.

Using this information I started a second port scan against these 2 ports using smb vulnerability scripts to identify any potential attack vectors. I have a feeling I know which vulnerability to use based on the machine name…

This scan confirms what I thought, the machine is vulnerable to MS17-010, otherwise known as EternalBlue, the vulnerability behind the infamous WannaCry attacks. There is a Metasploit module for this vulnerability which makes exploiting it extremely easy

The exploit runs as expected and I have a shell.

The first step of enumeration reveals that I have a system shell! I can go straight to the root flag.

Easiest. Root. Ever.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close