Kioptrix: level 1
This is my write up for Kioptrix 1. Kioptrix is a very fun series available on Vulnhub.
First I need to find the IP address of the machine, I run netdiscover
Once i get the IP address I run a NMAP scan to see what open ports and services are open which could be used to exploit
.nmap -sV -O 192.168.120.138
Ah yes, severely ports are open. I visit port 80 and 443 only to find the apache page. I decided to run some more enumeration.
I use searchsploit to see what exploits i can use on openssh and apache_mod_ssl
There are several exploits that can be of great uses, such as OpenFuck for OpenSSLBut for this write up I'm going to exploit Samba.
I used a tool call enum4linux to gather more information.
ONCE THE RESULTS RETURN, I PRESENTED WITH A LOT OF INFORMATION. wHEN LOOKING AT THE os INFORMATION I SEE WHAT VERSION OF sAMBA THE MACHINE IS RUNNING.
You can also find SMB information by using metasploit as shown above.
msf> use auxiliary/scanner/smb/smb_version
After doing some research on Samba 2.2.1a i found some good information.
This article then led me to the exploit 0x333hate
Once i downloaded and saved the exploit i then compiled it using the following commands
gcc -o 0x333hate 0x333hate.c
Information about gcc
Once complied, then its time to exploit so i can get root with the following command
../0x333hate -t 192.168.120.138 -p 139
Im in! Now i need to read the email and that will complete the chanllege