Hack The Box Optimum is an easy Windows-based machine. The initial foothold was gained using a file server exploit, and privilege escalation was done using a kernel exploit. Starting with Nmap.
Port 80 was the only open port. The site contains HTTPFileServer.
Googled a bit and found an exploit. It wasn’t really that hard. The exploit can be downloaded from the link below.
https://www.exploit-db.com/exploits/39161
We need netcat hosted on a web server, and the rest is easy, but first change the script.
We need to set up the stage to execute the show.
Had to run the exploit twice to get it working. Got the user flag; now what’s left is privilege escalation.
Nothing interesting, let’s check a few more things.
Ran winPEAS to check, and the only thing that came up was the password of kostas.
Found a kernel exploit. I guess I will just do it this time. Download the exploit from the following link.
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/41020.exe
Got the root flag.
You can follow me on Twitter to get the latest updates: https://twitter.com/far3y