Legacy writeup by Zarrius

Fun beginner box, showing Metasploit and Manual Methods. Open to any feedback on my writeups for improvement :)

https://esseum.com/hack-the-box-legacy-writeup/

Comments

  • Great job on the Legacy write-up! It was pretty detailed. It's sad to see no more many MS17 during the pentesting engagements :) Keep it up sir!

  • @bigb0ss said:
    Great job on the Legacy write-up! It was pretty detailed. It's sad to see no more many MS17 during the pentesting engagements :) Keep it up sir!

    Thank You :)

  • Pretty cool writeup! :smile:

    PromeDNS

  • This was a pretty cool writeup. I'm in the process of completing Legacy that's a part of my prep for OSCP. One question: did you try to exploit ms08-67 on this box? That doesn't seem to work. I'm trying that all my writeups/notes include popping up the box with all possible scenarios. Mostly retired machines but more importantly, without Metasploit

  • Type your comment> @goonerhound said:

    This was a pretty cool writeup. I'm in the process of completing Legacy that's a part of my prep for OSCP. One question: did you try to exploit ms08-67 on this box? That doesn't seem to work. I'm trying that all my writeups/notes include popping up the box with all possible scenarios. Mostly retired machines but more importantly, without Metasploit

    I actually did not try ms08_067 even though that's the official way to do it for Legacy, I find Eternal Blue to work exceptionally well between the two.

    Oxdf has a great writeup on the manual exploit of ms08_067 if you haven't checked it out yet. https://0xdf.gitlab.io/2019/02/21/htb-legacy.html#ms-08-067

    Best of luck on your OSCP! My test is in a few weeks too, pm me if you need anything

  • @zarrius I did see that write up after I got Eternal blue but apparently when I do nmap check for smb-vulns, Only eternal blue shows up. Got a little busy last week with work so this weekend, I'll complete 3 boxes. I'll send you a pm and start a chat there. Good luck to you too

Sign In to comment.