For the last twelve months I have been subscribing to Attack Defense because it has so many labs, organised by topic, and CTFs for exploitation and recon. I am not doing any marketing here; this is my genuine feedback, and I am learning a lot from this resource. To help it sink in, I am sharing what I learned with you. In this series I will be discussing their Basic Windows Exploitation with Metasploit Framework.

In this first post you will see how I compromised the Easy File Sharing Server and gained access to the machine via Metasploit; the link to the lab I used is here.

Reconnaissance

In this step I am using the nmap tool to find the list of open ports on the target system.

nmap --top-ports 60000 10.5.27.34 -vvv

NOTE: In my case the IP is 10.5.27.34; when you boot up the server you will get a different IP. You can find the IP in the /root/Desktop/target file.

So I found that an HTTP service is running on port 80.

When I opened the IP in a browser, I found that it's BadBlue Enterprise Edition 😁

The exploit for BadBlue was submitted to exploit-db in 2010: https://www.exploit-db.com/exploits/16806.

Luckily we have a Metasploit module for this: https://www.rapid7.com/db/modules/exploit/windows/http/badblue_passthru/

Use the following module in the Metasploit console, then configure and run the exploit:

msf5> use exploit/windows/http/badblue_passthru

On searching I found that the flag is in the C:\flag.txt file.
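The same recon result read from the defender's side: an added example (not part of the original walkthrough) that parses nmap's XML output (-oX) and flags open services whose product name has a public Metasploit module, so a host like this lab's BadBlue server shows up as an exposure to patch or decommission. The XML is a constructed sample, the "BadBlue httpd" product string is assumed to match nmap's service fingerprint, and the watch-list is illustrative.

```python
import xml.etree.ElementTree as ET

# Constructed nmap -oX style output for the lab host; sample data, not a real scan result.
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="10.5.27.34" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open"/>
        <service name="http" product="BadBlue httpd" version="2.7"/>
      </port>
      <port protocol="tcp" portid="445">
        <state state="filtered"/>
        <service name="microsoft-ds"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""

# Assumed watch-list of products that have a public Metasploit module, keyed by the
# lower-cased nmap product string. The BadBlue entry is the module named in the post.
FLAGGED_PRODUCTS = {"badblue httpd": "exploit/windows/http/badblue_passthru"}


def open_ports(xml_text):
    """Return {addr: [(port, service, product, version), ...]} for open ports only."""
    results = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        entries = []
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not an exposure
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            entries.append((int(port.get("portid")), attrs.get("name", ""),
                            attrs.get("product", ""), attrs.get("version", "")))
        results[addr] = entries
    return results


def flag_exposures(xml_text):
    """Return (addr, port, product, module) for each open service on the watch-list."""
    return [(addr, port, product, FLAGGED_PRODUCTS[product.lower()])
            for addr, entries in open_ports(xml_text).items()
            for port, _name, product, _version in entries
            if product.lower() in FLAGGED_PRODUCTS]
```

Run it against `nmap -sV -oX scan.xml <range>` output to get a short list of hosts that need patching before someone else finds them.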


About The Images Used In This Article

This week's image theme is 'places we would rather be than our bedroom offices', and in the picture below we can see Laguna Colorada in Bolivia. About a three-hour drive north from Chile's San Pedro de Atacama, this salt lake in the shadow of the Andes is known for its blood-red waters, the result of algae that thrive in extreme heat. Flamingos (and the lake) look their best from December to April, when the lake is full of water, making it more reflective for photos, and the birds are breeding. Be sure to try and catch the lake at sunset, when it's at its reddest.