HackTheBox Lame walkthrough

HackTheBox Linux machine

Start the hack with nmap

We see that port 21 is open. Let's search for the version in searchsploit.

The FTP service is vulnerable and we could get RCE, but for some reason it didn't work.

Moving on to samba.

Let's use smbmap.

We have access to tmp. Let's use smbclient to explore further.

We can upload files here, but nothing else was fruitful for me. Moving ahead, the version of smb is 3.0.20. Let's search for it in searchsploit.

Great! We find an RCE exploit that uses Metasploit, but let's try to exploit it without Metasploit. I found the Python exploit here.

Generate your own payload and listen on the port for the shell.

Paste the generated payload inside the file.

Run the exploit

You will get the shell.

Now read the flags

2 comments

  1. Hey, thanks for this write up. When going through the walkthrough I ran into an issue with the mysmb. I was getting an error. I was able to pip install the SMBConnection but was still having issues running the code. Any idea on if it was a build issue? Running py3 on the new kali image.

    “File “3.0.20.py”, line 3, in
    from smb.SMBConnection import SMBConnection
    File “/opt/smb/impacket/impacket/smb.py”, line 49, in
    from pyasn1.type.univ import noValue
    ImportError: No module named pyasn1.type.univ
    acket and mysmb.py and I’m still having issues.”

  2. Hi,

    I hope you have already solved the problem. If not, then according to the error, it is saying that you do not have a module called pyasn. You can try running this command: sudo apt-get --reinstall install python-pyasn1 python-pyasn1-modules
