Blue: HTB
First, start with your scan (soon I’ll likely be starting off like Ippsec because he’s got some neat tips and tricks)
Port 445 is open, so let’s enumerate the service
We get nothing from searching the shares, but when you research the version of SMB, we have an exploit: CVE-2017-0144.
https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue/
Start msfconsole -q so it’s quiet
We will use 0
Then set your options
You can either type "run" or "exploit" to launch the attack
NOTE: If you are using the HTB Pwnbox, set your LHOST to the Pwnbox or the exploit will not work
The 209.151.148.61 address is not correct
Stares at camera
Obligatory: “We’re in”
We are system32, so we have admin access. Go get the flag
Don’t forget your user flag
As always. Stay curious my friends.