Hello guys, Sarvan here. I’m publishing this write-up for a machine on Hack The Box called LAME.

The Nmap scan result discovered

Ports 21 and 139 are open, and the version of FTP running on port 21 is vsftpd 2.3.4. A backdoor command execution exploit exists for this version of vsftpd. Unfortunately, for this box the exploits for vsftpd weren’t working, and I even tried in Metasploit, which didn’t work.

So I performed a script scan on port 139 and got some juicy stuff: Samba version 3.0x, which is vulnerable to command execution.

I got this script after searching for it…

Raghava Sai Sarvan
