Hack the Box: Lame

Today we are going to take a look at Lame. This is a retired machine that has been out for a while.

Starting off with a rustscan we see the following:

Looking at port 445 we can see that it is running an old version of Samba:

Looking for exploits on searchsploit we quickly see a metasploit module, however there are also quite a few good ones on github. Lets use a python3 script and get a reverse shell as root:

CVE-2007-2447-in-Python/smbExploit.py at master · Ziemni/CVE-2007-2447-in-Python

With out listening already running we get a call back:

And that is it, hopefully you liked the box and learned something along the way.