This is the place where I share my thoughts and notes about things that I’m
excited about and working on and hope to connect with people having a similar
mindset. I’d love to hear from you!
Overview# Legacy is an easy-rated, OSCP-like box on HackTheBox. It’s a Windows XP machine vulnerable to two well-known SMB exploits: MS08-067 and MS17-010. While these vulnerabilities are often exploited using Metasploit, this walkthrough demonstrates how to exploit them manually, using msfvenom for payload generation and modifying public scripts to gain a shell.
Box Info:
Name: Legacy OS: Windows Difficulty: Easy Release Date: March 15, 2017 Retire Date: May 26, 2017 Creator: ch4p Recon# Nmap scans reveal the following open ports:
Overview# Lame is a beginner-friendly Linux machine and the first box released on Hack The Box (HTB). It leverages the Samba “username map script” vulnerability (CVE-2007-2447) to gain both user and root access. This walkthrough covers the exploitation process with and without Metasploit, along with an analysis of the vulnerabilities.
Machine Details# Author: ch4p Type: Linux Difficulty: 2.7/10 Reconnaissance# Nmap Scan# A full TCP and UDP port scan reveals the following open ports:
IceCTF2018 - Hard shells# Challenge Overview# Name: Hard shells Type:forensics Difficulty: easy Points:200 Description# After a recent hack, a laptop was seized and subsequently analyzed. The victim of the hack? An innocent mexican restaurant. During the investigation they found this suspicous file. Can you find any evidence that the owner of this laptop is the culprit?
Solution Walkthrough# pwn@pwn:~/Labs/forensics/IceCTF2018/hardshells$ file hardshells hardshells: Zip archive data, at least v1.0 to extract, compression method=store changed the extension
