Sifting bit by bit

Hi friends, Yesterday, I hacked successfully the box Blue on Hack The Box site. This box is quite easy if you have the experience and feeling from the previous box: Legacy. We almost use the same technique from Legacy to compromise this Blue box. Let's get started: First, we use nmap to scan for the open ports on that box: " nmap -T4 -p 1-65535 -A -sV 10.10.10.40 ". Do you see the port 445 is open? Then keep using nmap to check if there is any vulnerability on that port: " nmap --script vuln -p445 10.10.10.40 " And, we will find that the box is vulnerable with MS17-010 bug. Now, we can use Metasploit to compromise it. After using Metasploit, we will have the shell and can find the flags on the Desktop folder of user Administrator and haris. If you want to go beyond the duty, you can do some forensics on that remote PC: Happy hacking, my friends!

Hi friends, I've just finished the Legacy box on Hack The Box, and it's retired so I would like to write down my solution. First, I have to say that I'm totally new in pentesting or CTF playing. That's why I did take a look on Hack The Box labs to find the most easiest boxes to start with, and I found 4 boxes: Legacy, Blue, Lame and Jerry. I just picked Legacy box randomly and started with nmap scanning: " nmap -p 1-63335 -T4 -A -v 10.10.10.4 " and found that we had 3 ports opening: 139, 445, 3389 . Then, I kept using nmap to check for if these is any vulnerabilities on port 445: " nmap --script vuln -p445 10.10.10.4 " and got the MS08-067 (CVE-2008-4250)  vulnerability. Now, I could use Metasploit to exploit for the above bug: " use  exploit/windows/smb/ms08_067_netapi ". You might need to set rhost option before running the exploit. After that, we will have the shell and we could find the needed flags on the Desktop fo...