Blue

Hi, has anyone tried to exploit this manually?

@looping said:
Hi, has anyone tried to exploit this manually?

Good question.

When I run the exploit without setting my IP it returns this error. Also, when I set my IP as a local host it doesn't give me any sessions and gives some error, a lib error. Any suggestions?

[-] Handler failed to bind to 10.10.10.12:4444:- -
[-] Handler failed to bind to 0.0.0.0:4444:- -

Try setting LHOST as tun0

“set LHOST tun0”

What does tun0 mean?

@likwidsec said:
Try setting LHOST as tun0

“set LHOST tun0”

After setting LHOST tun0, same error:

[*] Started reverse TCP handler on 10.10.15.12:4444
[*] 10.10.10.40:445 - Connecting to target for exploitation.
[-] 10.10.10.40:445 - NameError
[-] 10.10.10.40:445 - uninitialized constant RubySMB::Error::CommunicationError
/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
/usr/bin/msfconsole:48:in
[*] Exploit completed, but no session was created.

Any suggestions?

Use your HTB IP.

I took over Blue using Nessus and Armitage/Metasploit - GCIH newbie here.
If I wanted to defend the box, how could I harden the system to prevent people like us from taking over?

Apply the patch for the appropriate CVE and/or disable SMBv1

Ah, disable the service - of course. Thank you.
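
One way to carry out the "disable SMBv1" advice above on the server side, as an added example that is not part of the original thread. The helper name `Disable-Smb1Server` is hypothetical, and the code assumes an elevated PowerShell session on the Windows host being hardened:

```powershell
# Added example: audit and disable the SMBv1 *server* component.
# Disable-Smb1Server is a hypothetical helper name, not a built-in cmdlet.
function Disable-Smb1Server {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()

    $regPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

    if (Get-Command Set-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        # Windows 8 / Server 2012 and later: use the SMB server cmdlets.
        $before = (Get-SmbServerConfiguration).EnableSMB1Protocol
        if ($before -and $PSCmdlet.ShouldProcess('SMB server', 'Disable SMBv1')) {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        }
        $after = (Get-SmbServerConfiguration).EnableSMB1Protocol
        $rebootNeeded = $false
    }
    else {
        # Windows 7 / Server 2008 R2 and earlier: the setting is a registry value.
        # A missing SMB1 value means SMBv1 is enabled (the default).
        $current = (Get-ItemProperty -Path $regPath -Name SMB1 -ErrorAction SilentlyContinue).SMB1
        $before = ($null -eq $current) -or ($current -ne 0)
        if ($before -and $PSCmdlet.ShouldProcess($regPath, 'Set SMB1 = 0')) {
            Set-ItemProperty -Path $regPath -Name SMB1 -Type DWord -Value 0 -Force
        }
        $current = (Get-ItemProperty -Path $regPath -Name SMB1 -ErrorAction SilentlyContinue).SMB1
        $after = ($null -eq $current) -or ($current -ne 0)
        # The registry change only takes effect after a restart.
        $rebootNeeded = $before -and -not $after
    }

    # Report the state before and after so the change can be logged.
    New-Object PSObject -Property @{
        ComputerName = $env:COMPUTERNAME
        Smb1Before   = [bool]$before
        Smb1After    = [bool]$after
        RebootNeeded = [bool]$rebootNeeded
    }
}

# Dry run: reports the current state without changing it.
# Drop -WhatIf to apply the change.
Disable-Smb1Server -WhatIf
```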

@ghostheadx2 said:
Does anyone have any hints for Blue? I tried an intense nmap scan and a ping scan and found the name of the PC and that some ports were open but it’s not like it’s something simple like SSH. Could I have a hint as to what to do next? I don’t want the answer, I just want a hint because I’m a beginner and I don’t have a clue. Thanks.

Remember the exploit that wreaked havoc on major systems across the world. Trust me this is the easiest machine to exploit if you it It took me 5 minutes the moment I knew what OS it was running.

I believe I’ve found the right exploit, but when I attempt to run it from metasploit, I get an error mentioning “RubySMB::Error::UnexpectedStatusCode: STATUS_DUPLICATE_NAME”. Is this expected, or am I barking down the wrong path?

Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck :frowning:

SAME

@damag3d said:

Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck :frowning:

@damag3d said:
Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck :frowning:

Just get the right files mentioned in OWN ROOT and OWN USER and go through them to get what is required.

@technocyber2 said:

@ghostheadx2 said:
Does anyone have any hints for Blue? I tried an intense nmap scan and a ping scan and found the name of the PC and that some ports were open but it’s not like it’s something simple like SSH. Could I have a hint as to what to do next? I don’t want the answer, I just want a hint because I’m a beginner and I don’t have a clue. Thanks.

Remember the exploit that wreaked havoc on major systems across the world. Trust me this is the easiest machine to exploit if you it It took me 5 minutes the moment I knew what OS it was running.

In addition to it, GOOGLE is your best friend :wink:

Can someone help please, I am getting this error:

Reading profile /etc/firejail/wine.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
[-] Error getting output back from Core; aborting…
[-] 10.10.10.40:445 - Are you sure it’s vulnerable?
Reading profile /etc/firejail/wine.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
[-] 10.10.10.40:445 - Oops, something was wrong!
[*] Exploit completed, but no session was created.

@redteampa1 I am also getting the same error.
Please if you find how to fix it tell me in the comments.

I'm inside but I cannot find the flag. How can I find it? Can you help me?

Hi guys, I’m a noob here and I am currently stuck on this too! I think I’ve found the right exploit but it doesn’t seem to be working. Are we definitely talking SMB related? Tried running the exploit directly with Metasploit, which seemed to struggle finding the deps folder. Ran it in Armitage but I can’t seem to get that working either. Now all of a sudden I cannot scan any machines - despite still being connected correctly to the VPN? Any ideas please, I’m about to pull the hair out of my bald head! Thank you