HTB: "Legacy"? Tutorial

HTB: "Legacy" Tutorial

Tools and Resources:

nmap

metaploit

Step 1.

Scan for open ports.

No alt text provided for this image

We can see that Ports 139 and 445 are open.

We also find out that the user is using Microsoft Windows XP with Service Pack 3 (sp3)

With research, we find that Windows XP has netapi vulnerabilities: https://null-byte.wonderhowto.com/forum/exploit-windows-xp-with-netapi-vulnerability-0154447/

Step 2.

Search Metasploit for a vulnerability to run.

No alt text provided for this image

#3 . . . Rank: great

Let's try that one first. Set the rhost and run it!

No alt text provided for this image

So far so good.

Let's orient ourselves.

No alt text provided for this image

Ok, we're in!

Step 3.

Hey machine, who am I?

No alt text provided for this image

“Any man who must say, I am the king, is no true king.” - Tywin Lannister


要查看或添加评论,请登录

Joseph Sales的更多文章

  • IT Fundamentals

    IT Fundamentals

    Infrastructure is comprised of all the technologies that support an organization’s IT activities. It can include…

  • Managing Reference Data

    Managing Reference Data

    Reference Data Reference data is used to relate other information in a database. It standardizes how data elements are…

  • Compliance, Privacy and Regulatory Impact

    Compliance, Privacy and Regulatory Impact

    Adhering to rules and standards are important to consider when managing and developing IT projects and applications…

  • What Is A Strategic Plan?

    What Is A Strategic Plan?

    “Let your plans be dark and impenetrable as night, and when you move, fall like a thunderbolt.” ― Sun Tzu…

  • CCPA Effective 1/1/2020

    CCPA Effective 1/1/2020

    Resource: https://leginfo.legislature.

  • HTB: "Lame" Tutorial

    HTB: "Lame" Tutorial

    By using a username with shell meta characters, attackers can execute commands. No authentication is necessary because…

  • HackTheBox Invite Code Tutorial

    HackTheBox Invite Code Tutorial

    HackTheBox is an online platform to test and advance your skills in penetration testing and cyber security. Join today…

  • Helpful Models for Addressing Security Concerns

    Helpful Models for Addressing Security Concerns

    The Confidentiality, Integrity, Availability (CIA) Triad Confidentiality is the ability to protect information from…

  • Employee Motivation

    Employee Motivation

    In the Harvard Management Update, researchers presented that motivation comes from having an enthusiasm for a job, and…

    2 条评论
  • Effective Teams

    Effective Teams

    For any team to be effective, there are certain criteria that must be met: They must have a common purpose. They must…

社区洞察

其他会员也浏览了