Lame- Hackthebox lab

Published by Nick on

This is a writeup for Hackthebox Lame, this is my first HTB writeup.


Started with an nmap scan against the target: 10.10.10.3

The nmap scan results are below

A exploit was found for Samba 3.0.20-Debian in the nmap Host script results

Running the exploit in Metasploit opened a shell with root permissions 

Both user and root flags were collected by browsing around the file system

This box was pretty easy, no privilege escalation involved after getting access to the box.

also grabbed the /etc/passswd and /etc/shadow files and used the unshadow utility to combine them.


I then cracked the hashes with hashcat

Categories: CybersecurityPentesting

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Cybersecurity

Administrator- Hackthebox lab

This lab came with Active Directory creds to simulate an assumed breach assessment. I started by checking the credentials with Netexec to confirm they worked. Next I ran Bloodhound-ce-python to collect Active Directory data for Read more

Cybersecurity

Support- Hackthebox lab

I started with an nmap scan for all TCP ports and the top UDP ports. This one looks like an Active Directory Domain Controller. Added target hostnames to /etc/hosts Looking through the SMB shares, I Read more

Cybersecurity

ServMon- Hackthebox lab

This box took a ton of troubleshooting and resets for the privilege escalation. The web server kept crashing but after many attempts, I finally got it finished. I start things off with a port scan Read more