Blue

Blue writeup by Thamizhiniyan C S

Overview

Hello everyone, In this blog we are going to solve Blue from HackTheBox.

Link for the machine : https://app.hackthebox.com/machines/51

Lets Start 🙌

Connect to the HTB server by using the OpenVpn configuration file that’s generated by HTB.

[ Click Here to learn more about how to connect to vpn and access the boxes. ]

After connecting to the vpn service, click on Join Machine to access the machine’s ip.

After joining the machine you can see the IP Address of the target machine.

Reconnaissance

First I started by scanning for open ports on the target machine.

Rustscan

Results

From the scan results, I found the following service: Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: WORKGROUP). I google about this service and got this:

MS17-010 EternalBlue SMB Remote Windows Kernel Pool CorruptionRapid7

Exploitation

I opened metasploit and run the above mentioned exploit:

The attack was successful and I got the meterpreter shell back. Now its time to find the flags.

Getting the User Flag

Found the user flag at C:\Users\haris\Desktop\user.txt

Getting the Root Flag

Found the user flag at C:\Users\Administrator\Desktop\root.txt

We have successfully obtained all the flags.

Thank You!!!!

PreviousUnder Construction NextIntro To Android Exploitation

Last updated 9 months ago