LEGACY
- Layout for this exercise:
1 - INTRODUCTION
- The goal of this exercise is to develop a hacking process for the vulnerable machine Legacy, which is a retired machine from the Hack The Box pentesting platform:
https://www.hackthebox.eu
2 - ENUMERATION
- Legacy's IP is 10.10.10.4:
- Scanning with Nmap, we learn that a Windows XP system is running the SMB service on ports 139 and 445:
- Scanning those two ports in more depth:
- Looking for vulnerabilities on port 139:
- Looking for vulnerabilities on port 445:
- To sum it up, we have discovered these potential vulnerabilities:
- CVE-2008-4250
- CVE-2017-0143
- CVE-2009-3103
3 - EXPLOITATION
- There are several Metasploit modules associated with these vulnerabilities.
- For instance, ms08_067_netapi exploits CVE-2008-4250:
- Launching Metasploit and selecting the ms08_067_netapi module:
- Once we have a SYSTEM-privileged Meterpreter session, it is easy to spawn a shell:
4 - CAPTURING THE FLAGS
- Reading user.txt:
- Reading root.txt: