HackTheBox Beginner Track

CYBERTHOTH
2 min read · Dec 4, 2021

Lame Walkthrough

Target I.P = 10.129.192.151
My I.P = 10.10.14.50
OS = Linux
Difficulty = Easy
Tags = Samba(SMB)

RECON:
Nmap command:
nmap -sC -sV -T4 -A -vvv -Pn 10.129.192.151

Found anonymous FTP login and SMB services.
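The same two findings can be pulled out of saved scan output automatically when auditing your own hosts. This is an added example, not part of the original post: the sample output is constructed in the style of `nmap -sC -sV -vvv`, and the function name and the "Samba 3.0 or older" threshold are assumptions.

```python
import re

# Constructed sample in the style of nmap normal output; not taken from the page.
SAMPLE = """\
PORT    STATE SERVICE     REASON         VERSION
21/tcp  open  ftp         syn-ack ttl 63 ExampleFTPd 1.0
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp  open  ssh         syn-ack ttl 63 ExampleSSHd 1.0
139/tcp open  netbios-ssn syn-ack ttl 63 Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open  netbios-ssn syn-ack ttl 63 Samba smbd 3.0.0 (workgroup: WORKGROUP)
"""

# "<port>/<proto> open <service> <rest of line>"
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+open\s+(\S+)\s+(.*)$")
# Only matches a concrete version; the vague "3.X - 4.X" banner is ignored.
SAMBA_RE = re.compile(r"Samba smbd (\d+)\.(\d+)(?:\.(\d+))?")


def triage(nmap_text):
    """Return (port, finding, evidence) tuples for anonymous FTP and legacy Samba."""
    findings = []
    port = None  # port that the script-output lines ("| ...") belong to
    for line in nmap_text.splitlines():
        m = PORT_RE.match(line)
        if m:
            port = int(m.group(1))
            s = SAMBA_RE.search(m.group(4))
            # Assumed policy: anything at or below Samba 3.0 is flagged as legacy.
            if s and (int(s.group(1)), int(s.group(2))) <= (3, 0):
                findings.append((port, "legacy-samba", s.group(0)))
            continue
        # NSE script results are printed under the port they ran against.
        if line.startswith("|") and "ftp-anon: Anonymous FTP login allowed" in line:
            findings.append((port, "anonymous-ftp", line.lstrip("|_ ").strip()))
    return findings


if __name__ == "__main__":
    for port, finding, evidence in triage(SAMPLE):
        print(f"{port}\t{finding}\t{evidence}")
```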

FTP (PORT 21)

I can log in to FTP with Username: anonymous Password: anonymous
Actually, the credentials don’t matter because there isn’t any authentication required, but I am still not able to list any files, so I left this part for later use :D

Nothing Special

SMB
Let’s dig into SMB: open the file explorer, go to Other Locations, and enter
smb://10.129.192.151

Connect to smb

Indeed we have permission to list any file in SMB

SMB

After some googling, I found that for security reasons it does not connect to older SMB versions. I added the following to my /etc/samba/smb.conf file, and then it worked fine:

Now try again with smbclient command :D

Let’s connect with -L (without a password) and list all shares

Let’s search for a Samba exploit for version 3.0

16320.rb

Let’s fire up msfconsole

Machine solved!
