Lame
Details:#
- OS: Linux
- RELEASE DATE: 14 Mar 2017
- DIFFICULTY: Easy
Enumeration:#
Exploitation:#
test anonymous smb login
nothing to see…
lists public shares on that server
get share details
test anonymous smb login again but this time directly to /tmp
where we have rw
permissions
nothing to see…
Get CVE details from the rest of our services:
testing manual exploit
switch to metasploit
does not look so good
Lets try the command injection vulnerability CVE-2007-2447
by using amriunix/CVE-2007-2447
Conclusion:#
simple in retrospect, as always