This series will follow my exercises in HackTheBox. All published writeups are for retired HTB machines. Whether or not I use Metasploit to pwn the server will be indicated in the title.
Machine IP: 10.10.10.4
As always, I start enumeration with AutoRecon. I see that the server is running SMB and the OS is likely Windows XP.
Let’s see what options I have in Metasploit. I’ll use the MS08_67 exploit.
I configure the exploit options to target
And there I have it. A root shell.
From here I can read the user and root’s flags with ease (ignoring some Windows directory traversal mistakes).