HTB Retires: Legacy

LegacyScreenshot-Title.png

Hack the Box Presents: Legacy.
  This box was very easy to Pwn, yet there are many ways to go about it it. I will show you one way.

 

1nma_orig.png

First thing first as always, i fire up Nmap to see what available ports are open.
  Once the scan is completed, i see that port 139 port 445 and port 3389 as results.
Only 2 ports are open 139 and 445, port 3389 is closed.
Knowing Microsoft samba service i check to see what exploits i can use against it.

2_orig.png

Wow! Quite a few results. I tried a few of them but the one that was useful was:
exploit/windows/smb/ms08_067_netapi
Lets get a shell.

4shell_orig.png
5info_orig.png

We now have a shell, very simple. Using the sysinfo commnd, its tell me some useful information. Then i use the getuid command to see who a i am and if need to do any priv escalations.
Looks like we are System which is root in Windows.
 

6john_orig.png
screenshot-from-2017-07-31-05-02-43_orig.png