BLUE
- Layout for this exercise:
1 - INTRODUCTION
- The goal of this exercise is to develop a hacking process for the vulnerable machine Blue, what is a retired machine from the Hack The Box pentesting platform:
https://www.hackthebox.eu/
2 - ENUMERATION
- Blue's IP is 10.10.10.40:
- Scanning with Nmap:
- Scanning deeper ports like 135, 139 and 445:
- This Nmap script discovers that Blue is vulnerable to SMB MS17-010 at port 445:
- Metasploit helps to confirm SMB and Operating System versions:
3 - EXPLOITATION
- Looking for information about the vulnerability MS17-010:
- There is an associated Metasploit exploit with MS17-010 vulnerability:
- Launching Metasploit and using exploit/windows/smb/ms17_010_eternalblue:
- Setting Blue's IP as RHOST:
- Setting Meterpreter as payload, Kali's IP as LHOST (interface tun0 with IP 10.10.14.2), and port 5555 as LPORT:
- Running the exploit we get a Meterpreter session with System privileges:
.... etc ....
- So in this case there is no need of Privilege Escalation.
4 - CAPTURING THE FLAGS
- Reading the 1st flag:
- Reading the 2nd flag:
