💻
Portfolio
  • Introduction
  • License
  • Configurations
    • Homelab
    • GitBook to Docusaurus Migration
    • Mobile
    • Digital Books
    • Virtual Machines
  • Privacy and Security
    • Basic Software Investigation
    • Application Sandboxing
    • AppArmor
  • Information Technology
    • Backups
  • OSINT
    • Breach Data
      • Leveraging Breach Data
      • Breach Data Indexing
      • Breach Data Infrastructure
      • Stealer Logs
      • Miniature Breach Index
      • Containerization
    • Transportation
      • United Kingdom Vehicle Registration Search
  • Penetration Testing
    • Wireless
      • Raspberry Pi Portable Hacking Station
      • Wi-Fi
        • Pwnagotchi
        • Aircrack
    • Physical
      • Lockpicking
        • Master Lock 140D
        • Master Lock 1
      • Rubber Ducky
        • Digispark ATtiny85 Rubber Ducky
          • Windows
            • Keylogger
          • MacOS Scripts
            • Warning
            • Wi-Fi Name
            • Website Pop-up
    • Hash Cracking for Dummies
    • Advanced Hash Cracking
  • Write-ups
    • TryHackMe
      • The Marketplace
      • Game Zone
      • VulnNet: Internal
      • RootMe
      • Skynet
      • VulnNet: Roasted
      • Blueprint
      • Anthem
      • Relevant
      • Ice
      • Lian Yu
      • c4ptur3-th3-fl4g
      • CTF collection Vol.1
      • Wgel CTF
      • Anonymous
      • Startup
      • tomghost
      • Overpass 3 - Hosting
      • Agent Sudo
      • Walking An Application
      • Content Discovery
      • Subdomain Enumeration
      • Authentication Bypass
      • Pickle Rick
      • Wonderland
      • Reversing ELF
    • picoCTF
      • PicoCTF 2021
        • Obedient Cat
        • Stonks
        • Wave a flag
        • GET aHEAD
        • Mind your Ps and Qs
        • information
        • Nice netcat...
        • Transformation
        • Python Wrangling
        • Mod 26
      • PicoCTF 2023
        • babygame01
        • chrono
        • findme
        • hideme
        • HideToSee
        • MatchTheRegex
        • money-ware
        • PcapPoisoning
        • Permissions
    • Hack The Box
      • Nunchucks
      • Return
      • Antique
      • Lame
      • Validation
      • Shocker
      • Bashed
      • Nibbles
      • Beep
      • Cronos
      • Sense
      • SolidState
      • Node
      • Valentine
      • Sunday
      • TartarSauce
      • Legacy
      • Blue
      • Devel
      • Nineveh
    • Pwnable.kr
      • [fd]
      • collision
      • bof
      • flag
      • passcode (incomplete)
      • random
    • Microcorruption
      • New Orleans
      • Sydney
      • Hanoi
      • Cusco
    • Kase Scenarios
      • Dark Waters
      • Betrayal
    • Hacktoria
      • Last Flight
      • The Hunt for LOLbins
      • Mediterranean Mafia
    • SEINT_pl OSINT Quiz
      • 2022
      • 2023
  • Other Projects
    • Recipes
      • Beef Birria Tacos
      • IHOP Mango Lemonade Splasher
      • Brownie & Ice Cream
      • Peri Peri Seasoning
      • Chicken Wings
      • Pizza Bagels
Powered by GitBook
On this page
  1. Write-ups
  2. Hack The Box

Lame

Last updated 2 years ago

This is my write-up for the machine Lame on Hack The Box located at: .

I am a beginner at penetration testing, so I will be referencing the Official Hack The Box Walk-through for this machine.

rustscan: rustscan -a 10.10.10.3

I saw that port 21 was open. I was able to login to the anonymous user:

There was nothing in the folder. My guess is that I will have to upload a reverse shell on the system and then trigger it in order to get a connection to the system. I then ran enum4linux -a 10.10.10.3, which showed me this:

Running smbclient -L <IP_ADDRESS> shows the same information:

Looking in the tmp directory did not give anything useful:

From playing around in the SMB system, I noticed that I have access to the tmp and IPC$ user. Neither of those had gotten me information that I can work off of. I looked at the write-up to see what I missed. There was a exploit on Metasploit that got you root:

Now I have to look for the flags:

https://app.hackthebox.com/machines/Lame