Hack the Box Presents: Legacy.
This box was very easy to Pwn, yet there are many ways to go about it it. I will show you one way.
First thing first as always, i fire up Nmap to see what available ports are open.
Once the scan is completed, i see that port 139 port 445 and port 3389 as results.
Only 2 ports are open 139 and 445, port 3389 is closed.
Knowing Microsoft samba service i check to see what exploits i can use against it.
Wow! Quite a few results. I tried a few of them but the one that was useful was:
Lets get a shell.
We now have a shell, very simple. Using the sysinfo commnd, its tell me some useful information. Then i use the getuid command to see who a i am and if need to do any priv escalations.
Looks like we are System which is root in Windows.