CTF

HackTheBox | Lame Walkthrough

. 2 min read . Written by Nautilus
HackTheBox | Lame Walkthrough

Lame is a beginner machine on HackTheBox. Lame is rated as "easy" in difficulty and only requires one exploit to obtain root access, and submit the user.txt and root.txt flags.

Lame requires basic enumeration, and the ability to quickly identify and exploit potential vulnerabilities.

Owning Lame

Let's start off with a basic nmap scan to see what's going on:

nmap -sC -sV 10.10.10.5
 -sC: equivalent to --script=default
 -sV: Probe open ports to determine service/version info

Okay so it looks like we already have some exploitable ports. I've actually done a metasploitable lab before which exploits vsftpd 2.3.4 on port 21 so lets throw that result straight into searchsploit:

As I already knew - there is a metasploit module available. Let's open up metasploit and use the existing module:

Let's set our options and then try the exploit:

After running this a couple of times the exploit kept on failing. Let's try exploiting something else. I'm now going to turn my attention to the Samba ports. Let's hop back over to searchsploit:

Awesome. Looks like we have another metasploit module. Let's use it, set our options, and hope that this one pops a shell:

After a little bit of enumeration, we found a working exploit to get in. Now let's check who we are:

Oh. We're root. That was straightforward. Let's go and grab the user.txt flag:

And now the root.txt flag:

Final Thoughts

Lame is a pretty straightforward box. Enumeration is pretty straightforward and searchsploit provides metasploit modules which with little work will get you root on this box in no time at all. Although Lame is not challenging, I do believe that this box is perfect as an "easy/beginner" box for an introduction to penetration testing.