Hack The Box: Blue

HackTheBox

Box: Blue

IP: 10.10.10.40

Let’s try using rustscan and see what ports are open.

Let’s use nmap and see what services are running on ports 135, 139, 445.

Looks like SMB will be the vector for this box.

Let’s try and get the SMB version running by using metasploit: scanner/smb/smb_version

Doesn’t look like we are able to detect what version us running.

Since it’s Windows 7 and is running SMB, let’s use metasploit to check if it is vulnerable to EternalBlue.

We will use: scanner/smb/smb_ms17_010

It looks vulnerable!

Let’s search for ms17-010 in metasploit and see what we get.

Let’s see what options we need to set.

Looks like we need set the remote host and remote port and it should work.

We run the exploit and we get a shell.

Written on April 6, 2021