Cover photo by https://unsplash.com/@adrienl
Enumeration
Target IP: 10.10.10.40
As always, begin with port scanning.
SMB might be running on Windows 7. Let’s enumerate SMB a little deeper.
Yes, it is the EternalBlue vulnerability. CVE-2017-0143.
The WannaCry ransomware took advantage of this vulnerability to take over thousands of Windows machines in 2017, the year when I was a freshman studying cybersecurity.
Exploit
Launch the Metasploit Framework and search for EternalBlue exploit modules.
We’re gonna use the psexec module, which is index number 1.
Once done setting the options, let’s exploit.
We got a Meterpreter shell running as the highest-privilege account, “SYSTEM” (this is higher than Administrator).
Got user flag.
Got root flag.
Machine pwned.