Blue

Use the nmap --scripts or -A; it will tell you in your face what you need. Happy hacking.

I am getting an error with metasploit whenever I try to run the exploit. I am wondering if that’s my problem or the machine’s problem. I reset it a couple of times and wasn’t able to do it. It says the connection timed out.

If the session timed out, does that just mean that I need to reset it a few times for it to work? I keep getting the feeling that I did it right and the machine just isn’t working but I want to make sure.

I tried it with three different port numbers under RPORT.

@ghostheadx2 said:
I tried it with three different port numbers under RPORT.

Why?

Hi, has anyone tried to exploit this manually?

@looping said:
Hi, has anyone tried to exploit this manually?

Good question.

When I run the exploit without setting my IP, it returns this error. Also, when I set my IP as localhost, it doesn't give me any sessions and gives some lib error. Any suggestions?

[-] Handler failed to bind to 10.10.10.12:4444:- -
[-] Handler failed to bind to 0.0.0.0:4444:- -

Try setting LHOST as tun0

“set LHOST tun0”

What does tun0 mean?

@likwidsec said:
Try setting LHOST as tun0

“set LHOST tun0”

After setting LHOST to tun0, same error:

[*] Started reverse TCP handler on 10.10.15.12:4444
[*] 10.10.10.40:445 - Connecting to target for exploitation.
[-] 10.10.10.40:445 - NameError
[-] 10.10.10.40:445 - uninitialized constant RubySMB::Error::CommunicationError
/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
/usr/bin/msfconsole:48:in
[*] Exploit completed, but no session was created.

Any suggestions?

Use your HTB IP.

I took over Blue using Nessus and Armitage/Metasploit - GCIH newbie here.
If I wanted to defend the box, how could I harden the system to prevent people like us from taking over?

Apply the patch for the appropriate CVE and/or disable SMBv1
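The SMBv1 half of that advice, as an added example that is not part of the original thread: a PowerShell audit-and-disable script for the SMBv1 server component. It assumes an elevated prompt on the Windows host being hardened; the helper names `Get-Smb1ServerState` and `Disable-Smb1Server` are made up for this example, and the thread does not state the OS version, so both the cmdlet path and the registry path are handled.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Registry location of the SMB server parameters on older Windows versions.
$regPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-Smb1ServerState {
    # Windows 8 / Server 2012 and later ship the SMB server cmdlets.
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        return [bool](Get-SmbServerConfiguration).EnableSMB1Protocol
    }
    # Older systems (Windows 7 / Server 2008 R2): the SMB1 registry value
    # controls the server. If the value is absent, SMBv1 is enabled.
    $value = (Get-ItemProperty -Path $regPath -Name SMB1 -ErrorAction SilentlyContinue).SMB1
    return ($null -eq $value) -or ($value -ne 0)
}

function Disable-Smb1Server {
    if (Get-Command Set-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        # -Force suppresses the confirmation prompt.
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    } else {
        # The registry change takes effect after a reboot.
        Set-ItemProperty -Path $regPath -Name SMB1 -Type DWord -Value 0
    }
}

if (Get-Smb1ServerState) {
    Write-Output 'SMBv1 server is ENABLED; disabling it.'
    Disable-Smb1Server
    Write-Output 'SMBv1 server disabled. Reboot if the registry method was used.'
} else {
    Write-Output 'SMBv1 server is already disabled.'
}
```

Disabling SMBv1 removes the exposed protocol version but does not replace patching; re-run the script after the reboot to confirm the state persisted.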

Ah, disable the service - of course. Thank you.

@ghostheadx2 said:
Does anyone have any hints for Blue? I tried an intense nmap scan and a ping scan and found the name of the PC and that some ports were open but it’s not like it’s something simple like SSH. Could I have a hint as to what to do next? I don’t want the answer, I just want a hint because I’m a beginner and I don’t have a clue. Thanks.

Remember the exploit that wreaked havoc on major systems across the world. Trust me, this is the easiest machine to exploit if you it. It took me 5 minutes the moment I knew what OS it was running.

I believe I’ve found the right exploit, but when I attempt to run it from metasploit, I get an error mentioning “RubySMB::Error::UnexpectedStatusCode: STATUS_DUPLICATE_NAME”. Is this expected, or am I barking down the wrong path?

Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck :frowning:

SAME

@damag3d said:
Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck :frowning:

@damag3d said:
Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck :frowning:

Just get the right files mentioned in OWN ROOT and OWN USER and go through them to get what is required.

@technocyber2 said:

@ghostheadx2 said:
Does anyone have any hints for Blue? I tried an intense nmap scan and a ping scan and found the name of the PC and that some ports were open but it’s not like it’s something simple like SSH. Could I have a hint as to what to do next? I don’t want the answer, I just want a hint because I’m a beginner and I don’t have a clue. Thanks.

Remember the exploit that wreaked havoc on major systems across the world. Trust me, this is the easiest machine to exploit if you it. It took me 5 minutes the moment I knew what OS it was running.

In addition to it. GOOGLE is your best friend :wink:

Can someone help please? I am getting this error:

Reading profile /etc/firejail/wine.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
[-] Error getting output back from Core; aborting…
[-] 10.10.10.40:445 - Are you sure it’s vulnerable?
Reading profile /etc/firejail/wine.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
[-] 10.10.10.40:445 - Oops, something was wrong!
[*] Exploit completed, but no session was created.