124 words
1 minutes
HackTheBox Lame
2020-02-16
2024-05-23
Walkthrough
Hackthebox
/
Easy
/
Linux

Summary#

Lame is a beginner level machine from hackthebox , this linux machine can be compromised by using only single level exploit which will directly jump into root user and can further get user flag

Inital Enumeration#

Using nmap we can do a full port service scanning and identify that the following ports as open

Terminal window
nmap -sCV -p- -oN 10.10.10.3 -vv
  • 21 - FTP ( vsftpd 2.3.4 )
  • 22 - SSH ( OpenSSH 4.7p1 )
  • 139,445 - CIFS,Samba ( 3.0.20 )
  • 3632 - distccd v1

Lame Nmap

Exploitation#

Upon searching for Samba with version (3.0.20) , The samba is vulnerable for CVE-2007-2447 and have a metasploit module called

Terminal window
usermap_script

Upon explotitation we got a direct root shell on the box

Exploitation

Enumeration on the root directory will provide the root flag and home directory will provide the user flag

HackTheBox Lame
https://blog.0xdhinu.com/posts/lame-hackthebox/
Author
Dhinu Ramachandran
Published at
2020-02-16
License
CC BY-NC-SA 4.0
HackTheBox Devel
contact@0xdhinu.com

© 2025 Dhinu Ramachandran. All Rights Reserved.