🔓
Firelocked Blog
  • Firelocked Security Blog
  • CTFs
    • HTB
    • Challenges
    • Vulnhub
  • Projects
    • 100 Red Team Projects
    • Homelab Developments
  • CheatSheets
    • Linux Cheat Sheets
    • Windows Cheat Sheets
    • Platform Agnostic
  • HTB
    • Lame
    • Bashed
Powered by GitBook
On this page
  • Initial Recon
  • Initial Shell
  1. HTB

Lame

PreviousPlatform AgnosticNextBashed

Last updated 2 years ago

Lame is the second box in our TJNull walk through list. It is another Easy level box on Hack the Box. To access these retired boxes, you will need a VIP level subscription to Hack the Box. With all of that said, let's jump in!

Initial Recon

As with most boxes we'll cover here, we'll start off with an nmap scan. The most common version of the scan I run to kick off an assessment is listed below. If you would like to dig deeper into what each flag means, I would recommend using the nmap man page listed here

Looking at the scan results we see that the server is running vsFTPd. If we search for the version online, we find an exploit for the ftp server. Here is a common one on Exploit-DB. However, we will be using Metasploit for this walk through.

The vulnerability is not exploitable so we'll have to continue with our enumeration to determine a way in.

Going down the initial scan, we see that there is a version of Samba. After some googling, we found another exploit for this application. Let's try this out.

Initial Shell

And we have a shell. Let's see who we are running as.

Congrats! We have owned another box. Now you are able to grab the root flag and continue on your path to the OSCP!