Skip to content

Hack the box – Optimum without Metasploit

Hack the box Optimum is a Windows based easy machine. Initial foothold was using fileserver exploit. Privilege escalation using kernel exploit. Starting with Nmap

Port 80 was the only port which was open. Site contains HTTPFileServer.

Googled a bit found an exploit. Wasn’t really that hard. Can download the exploit from the link below.

https://www.exploit-db.com/exploits/39161

We need netcat hosted in a webserver and and the rest it easy but first change the script.

We need to setup the stage to execute the show.

Had to run the exploit twice to get it working. Got the user flag, now what’s left is privilege escalation.

Nothing interesting let’s check few more things

Ran winpeas to check and the only thing that came up was password of kostas.

Found a kernel exploit. I guess will just do it this time. Download the exploit from the following link.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/41020.exe

Got the root flag.

You can follow me on twitter to get the latest updates https://twitter.com/far3y

Published inHackinghacktheboxOSCP

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *