LAME — HTB walkthrough

Simplest of all. A hint to pentest methodology

Enumeration

nmap scan

FTP Enumeration

— Anonymous Login allowed — No files upload or download

Username: anonymous Password : <empty>

OPENSSH 4.7 Enumeration

NETBIOS SAMBA ENUMERATION

root@kali:~/Downloads/htb/Lame# searchsploit samba

EXPLOITATION

Using Metasploit

WE ARE ROOT !!! finding root flag

Get a bash using python pty

Enumerating and traversing to /home/makis. We find user.txt

Easiest machine. Just wrote walk through to let newbies get a kick start. Happy hacking