HackTheBox - Lame - Walkthrough

starts actual video at 2:35

Great !!!

you should do more hackthebox videos, very useful keeup it up

You have made a difficult one into simplest one bro, you are fantastic

Does the exploit fail for anyone else?

There is one more port(3632) which comes while doing full port scan(distcc), it is vulnerable and can be exploited with an exploit in metasploit. Doesn't give root but there is nmap suid to do privesc.

This is awesome. Thanks . I started studying for the OSCP and I am doing all HTB challenges

That was excellent. Clear, methodical, and logical. Great job!

This was an "easy" task.. I have absolutely no idea what you just did and what you solved for.. long story short.. WTF

Here is an easy walkthrough, 4 minute read
medium.com/@fellsec/hackthebox-write-up-lame-31757ce0e395

What payloads should I use?

Please please make Linux course basic to very advanced

You made that look easy Thanks - hoping for more tutorials starting from (very) basic Cheers

after seaching for samba 3.0.20 on metasploit, so many scripts appear, how/why did you pick the user_map_script??

Vsftpd is not the way in this machine because the vulnerability is that you use a :) in the username prompt to get to the back door . Since we are user 331 in this scenario no username prompt was given.

The hack depends on knowing the correct samba version (3.0.20) but my nmap scan (-sV -sC -A 10.10.10.3) does not show the version on port 139 or 445 or in host scripts. Just 3.X - 4.X
So i wasnt able to hack the box. :'( any ideas why my scan is different to the one in the video?

Is hack the box free..?

Bro
Tell me that
If host were not rooted then what's the way to open root directory
Tell me
Please
Thanks 😃🤓

Quick question, what payload are you using? I’m being a bit curious

Your videos are amazing ... Please make a video on machine : " Sunday " , waiting for your video !!

As someone who worked in a SOC for 2 years and wanted to learn the other side of things... that was dope

î am pretty sure that there ls a confusion between searchsploit and metasploit

If you find that the nmap scripts won't work correctly, you can use the smb_version auxiliary module in metasploit.

There is no wrongs but just use cd ../../../ to get out of hall directores instead of using single cd ..

Thanks for this, I'm new to pentesting and whilst I have some of the basic skills at my disposal now, it's still a very steep learning curve. This video has been a huge help in getting started with a simple exploit procedure and I look forward to working my way through your other videos. Keep up the great work.

My port for the samba is showing closed after nmap

tengo un problema, no me escanea los puertos, me los ignora! necesito saber que puertos estan abiertos

Bruh this is command prompt

I loved your explanation
Simple 🕶️

why my output is different
?
root@kali:~/Downloads# nmap -sV -sC -A 10.10.10.3
Starting Nmap 7.70 ( nmap.org ) at 2019-08-05 23:11 EDT
Nmap scan report for 10.10.10.3
Host is up (0.00047s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE VERSION
21/tcp open tcpwrapped
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: storage-misc
Running (JUST GUESSING): British Gas embedded (92%)
Aggressive OS guesses: British Gas GS-Z3 data logger (92%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1 0.14 ms 10.10.10.3

quick tip to everyone using nmap, if you run Nmap 7.80 you are running a buggy version that will miss some stuff like the Samba version from the video. Just found this out doing a box. Install from source!
(i.e. if you installed nmap using apt you are running the buggy version)

i have problem in net work access nmap scan i was connect woth openvpn

Anyone know the correct way to add LHOST ? I keep getting error “ exploit completed but no session created”

Is it good for me to solve Retired Labs? Or does it give me no ranking at all? For example, I will not become a Pro Hacker?

For connect to the ritired machines, you need to switch to VIP and pay?

I just starting, but I don't have this feature on my account.There is not an explanation on website also .Is there any tutorial beginner of this video?

Love you so much! Please make more video about ctf and getting in with blackbox.

The web application is vulnerable to SQL injection there's also login details on the database several admin users and several hashed passwords but I don't think it has nothing to do with the box in general. Just a point to make out if people are looking at if that way round.

I realize that this is an old video, but let me make this comment anyway. You appeared to be in a bit of a hurry. Please don't do that.

1st view dude

When I ran the exploit it I got the same message as before I followed your guide exactly as you did it. Why do I keep getting exploit completed but no shell prompt like you did

Can you please make a video of how to capture flags on HTB Multimaster

looks like he is addicted to metasploit , it would be better if you walkthrough without metasploit

How can I borrow your brain lol 😆

Can you find the binary inside the python library or you gotta go straight to the port?

Hey, Mr. Sploit, I try to connect to HTB, and I refresh my connection pack as they recommended, but i always get the error “fatal error” and I can’t do anything with the website. Have you heard of this and do you have any advice?

This machine was having all metasploitable 2 vulnerability

bro you are so awesome :)) thanks for any suggestion thing .. keep it up

I'm doing a series of HackTheBox on my channel

How would we do it without Metasploit?

@HackerSploit why don;t you makes video on ctf, liked it very much, explanatory.

What happens after that, does it then show as green in the main dashboard or do you need to do something with the info from the txt files?

Wow those python and malware series I am looking forward to! I enjoyed this video very much, I learned from it and I like how you started with hackthebox! Keep it up, thanks man!

i couldnt find lame on hackthebox website could someone help please

lmao, since when did this video become age restricted?

That box was really easy. It took nothing but the exploits from searchsploit to get into the system.

Excellent video. Thank you!

Please do a tour of hackerrank , hackerearth, codechef...

which software did you use to write the code??? could you please explain me...thank you

More hackthebox please

hi,
i love your video quite explainable and interesting
am new to hackthebox and also pentesting mind sharing few tip on how to go by HOB

*My friend can you make a video on how to set up TOR with a VPN like ProtonVPN...thanks*

How your virtual box seems so fast...mine lag too much....as i use a laptop and have a 4gb ram....do i have to increase the ram??? Please help me

HP I cant stick incompatible software since its more advanced till the end of time.

what are you actually hacking into? what is your target and goal?

hi i don't know ur name hh but can u tel me pleas why when i made a script in wind7 by py i move to kali but is not worcking just give me errors pleas help with any thins

What happened to shell scripting? Make more video about bin bash

I think its not "allowed" to post hackthebox walkthroughs since you need to solve a challenge to even be able to join them and get their content, but please tell me if i misunderstood.

Thanks

Please make a video about how to bypass cloudflare please sir

please do not use metasploit, too easy

How did you record video bro my fps is very low with kazam

Is there a discord you run?

I can't buy your courses on udemy since its a private course. I requested an invitation. Can you please send the invite

hi, do you make more videos about hackthebox?

Great video learn so much from just watching yhis

hello may i which app are you using for the split terminal?

why aren't making anymore HTB boxes

where is Exploit Development series? have you working on it?

Please give me a rply if possible

One of the only channel that listens to their viewers.

Can you make more video like this

Where he got txt file?

any one have a soulution for me pleas help

Man, you should write a book haha, great vds, !!

you make it look so easy.. we want more!

What are the ways to learn real world hacking

You should do the DEFCON CTF!

Thanks a lot

Excellent 😊

Another HackTheBox thank you so much👍🏻

What's your discord server

Thanks again for the Walkthrough

So what exactly was the point to find in this exercise? A hash for the root user... what for? Are you sure you did it right?

i am having issue to connect retired box 😢😢

lol

Start 2:15

ftp command not found , how can i set ftp in kali ?

Herman accent

You are smart. Thank you for your wisdom.