BLUE HTB

Allen
Jan 18, 2021
WE VERIFY THE CONNECTION BY PINGING THE BOX IP
WE SEE THAT 139 AND 445 ARE OPEN, SO WE ATTACK SMB SHARES WITH SMBCLIENT
WE ARE ABLE TO DISCOVER A LIST, SO LET'S KEEP ENUMERATING THROUGH EACH ONE TO SEE IF WE CAN GET MORE INFO
SO WE GOOGLED THE VERSION AND FOUND EXPLOITS WE CAN TRY
COPY THIS MODULE AND INSERT INTO METASPLOIT
SO THIS PAYLOAD WAS NOT WORKING. I DISCOVERED WHY WHEN I LOOKED AT THE TARGETS AND THEN LOOKED BACK AT THE NMAP SCAN AND IT DIDN'T MATCH
THE 135,139 PORTS DID NOT WORK BUT THE 445 PORT DID GENERATE A SHELL
WE ARE ABLE TO POP A SHELL WITH METERPRETER ON PORT 445 WITH THE ETERNALBLUE EXPLOIT
USE THE SHELL COMMAND TO NAVIGATE THROUGHOUT THE METERPRETER SHELL

The last 3 boxes, Legacy, Lame and Blue, will really solidify your hands-on practical experience with developing a methodology to attack SMB. We know to do an nmap scan, enumerate with smbclient and then google an exploit for the version we found lol

Allen

eJPT | Sec+ | Cyber Security Enthusiast. I plan on obtaining the eCPPTv2 and OSCP in 2021. Just documenting my experience of becoming a pentester along the way.