HackTheBox – Legacy

HackTheBox – Legacy

The first portscan doesn’t reveal much other than netbios, smb and that the machine is running Windows XP.

A second pass at the scan using nmaps smb vulnerability scripts reveals that the machine is vulnerable to RCE in MS08-067, it is also vulnerable to MS17-010 but this machine predates disclosure of this vulnerability, so it is obviously not the intended route.

searchsploit reveals that there is a metasploit module for this vulnerability.

Fire up metasploit, point, hit enter, system shell.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close