![]() Inside the PDF file, we can see the content where there’s some information on 5 of the vulnerability listing. Therefore, let’s download the file into our attacker’s machine. However, there’s only one pdf file has been saved over here. ![]() Nmap done: 1 IP address (1 host up) scanned in 103.49 secondsįinally, we can access the shares by using the smbclient Service Info: Hosts:, DC OS: Windows CPE: cpe:/o:microsoft:windows |_ssl-date: T17:59:49+00:00 +7h00m00s from scanner time.ģ268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: outdated.htb0., Site: Default-First-Site-Name)ģ269/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: outdated.htb0., Site: Default-First-Site-Name) | Subject Alternative Name: DNS:DC.outdated.htb, DNS:outdated.htb, DNS:OUTDATEDĥ93/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0Ħ36/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: outdated.htb0., Site: Default-First-Site-Name) |_ 211 DATA HELO EHLO MAIL NOOP QUIT RCPT RSET SAML TURN VRFYĨ8/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 17:58:24Z)ġ39/tcp open netbios-ssn Microsoft Windows netbios-ssnģ89/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: outdated.htb0., Site: Default-First-Site-Name) | smtp-commands:, SIZE 20480000, AUTH LOGIN, HELP Not shown: 988 filtered tcp ports (no-response) ![]() Nmap scan report for outdated.htb (10.10.11.175) Once we have started the VPN connection which requires a download from Hackthebox, we can start the information gathering on the machine by executing the command nmap -sC -sV -p-PN $nmap -sC -sV 10.10.11.175 -oA intial -Pn This room will be considered a medium machine on Hack the Box What will you gain from the Outdated machine?įor the user flag, you will need to exploit the Folina vulnerability which required us to send a link to an email address collection via SMB.Īs for the root flag, you need to abuse the Windows Server Update Service (WSUS) by creating and updating a malicious update to the DC and getting a shell as admin Information Gathering on Outdated Machine In this post, I would like to share a walkthrough of the Outdated Machine from Hack the Box
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |