Embedded Files
Enumeration
From Nmap there are a handful of open ports
Decided to check the web service first and found the below, in the page source, the image has an alt-text that reads "Mr Blue aka MS17-010" indicating EternalBlue SMBv1 Vulnerability.
Using the below Nmap script, I was able to confirm the vulnerability does exists on the machine:
nmap -p139,445 --script "smb-vuln-* and not(smb-vuln-regsvc-dos)" --script-args smb-vuln-cve-2017-7494.check-version,unsafe=1 10.150.150.242
Using Mestaploit, I was able to find a working Exploit
and I have a shell
Page updated
Google Sites
Report abuse