HackTheBox - Legacy && Blue
HackTheBox - Legacy && Blue
HackTheBox - Legacy
About Legacy
Legacy is a fairly straightforward beginner-level machine which demonstrates the potential security risks of SMB on Windows. Only one publicly available exploit is required to obtain administrator access.
Nmap
# nmap -n -v -sC -sV --min-rate=1500 10.10.10.4
再用nmap自带的smb漏扫脚本去扫描,扫描出了ms17-010
以及ms08-067
漏洞
# nmap -n -v --script=smb-vul* --min-rate=1500 10.10.10.4
MSF
MSF启动!
设置好参数,一键getshell
HackTheBox - Blue
About Blue
Blue, while possibly the most simple machine on Hack The Box, demonstrates the severity of the EternalBlue exploit, which has been used in multiple large-scale ransomware and crypto-mining attacks since it was leaked publicly.
Nmap
# nmap -n -v -sC -sV --min-rate=1500 10.10.10.40
# nmap -n -v --script=smb-vul* --min-rate=1500 10.10.10.40
用一样的方法检测出了永恒之蓝漏洞
MSF
MSF启动!这次是一只很可爱的小牛
直接search ms17-010
use 0
可以看到这个exp在这些OS版本下可利用,正好我们的靶机是win7