This is the place where I share my thoughts and notes about things that I’m
excited about and working on and hope to connect with people having a similar
mindset. I’d love to hear from you!
Overview# Legacy is an easy-rated, OSCP-like box on HackTheBox. It’s a Windows XP machine vulnerable to two well-known SMB exploits: MS08-067 and MS17-010. While these vulnerabilities are often exploited using Metasploit, this walkthrough demonstrates how to exploit them manually, using msfvenom for payload generation and modifying public scripts to gain a shell.
Box Info:
Name: Legacy OS: Windows Difficulty: Easy Release Date: March 15, 2017 Retire Date: May 26, 2017 Creator: ch4p Recon# Nmap scans reveal the following open ports:
Overview# Lame is a beginner-friendly Linux machine and the first box released on Hack The Box (HTB). It leverages the Samba “username map script” vulnerability (CVE-2007-2447) to gain both user and root access. This walkthrough covers the exploitation process with and without Metasploit, along with an analysis of the vulnerabilities.
Machine Details# Author: ch4p Type: Linux Difficulty: 2.7/10 Reconnaissance# Nmap Scan# A full TCP and UDP port scan reveals the following open ports:
