HTB Lazy Machine – Walthrough

Scanning with nmap

Anonymous ftp account allow read write access to web server home directory.

Lets create meterpreter reverse shell in aspx

Uploading aspx shell using fileZilla ftp client

Triggering uploaded exploit

meterpreter reverse session received

Now, its time for privilege escalation. lets find local exploits for privilege escalation.

Lets try ms10_015_kitrap0d

And we received meterpreter session with NT Authority

Lets grab user CTF

And root CTF

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s