HackTheBox Lame

Lame is a beginner-level machine from HackTheBox. This Linux machine can be compromised with a single exploit that lands directly in a root shell, from which the user flag can also be retrieved.

Initial Enumeration

Using nmap, we run a full-port service scan and find the following ports open:

nmap -sCV -p- -vv -oN <output-file> <target-ip>
  • 21 - FTP ( vsftpd 2.3.4 )
  • 22 - SSH ( OpenSSH 4.7p1 )
  • 139,445 - CIFS,Samba ( 3.0.20 )
  • 3632 - distccd v1


Searching for Samba version 3.0.20 shows that it is vulnerable to CVE-2007-2447, and there is a Metasploit module called


Upon exploitation we got a direct root shell on the box.


Enumerating the root directory provides the root flag, and the home directory provides the user flag.
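
The version check from the enumeration step can be automated when auditing your own hosts. The following is an added example, not part of the original write-up: it reads nmap-style report lines, extracts the Samba version and compares it with the range affected by CVE-2007-2447. The sample report is constructed, the function names are hypothetical, and the affected range (3.0.0 through 3.0.25rc3) is taken from the public CVE entry rather than from this page.

```python
import re

# Constructed sample in the style of an `nmap -sCV -oN` report (not real scan output).
SAMPLE_REPORT = """\
21/tcp   open  ftp         vsftpd 2.3.4
22/tcp   open  ssh         OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
139/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp  open  netbios-ssn Samba smbd 3.0.20-Debian (workgroup: WORKGROUP)
3632/tcp open  distccd     distccd v1
"""

OPEN_PORT = re.compile(r"^(\d+)/tcp\s+open\s+(.*)$")
SAMBA_VER = re.compile(r"Samba(?: smbd)? (\d+)\.(\d+)\.(\d+)((?:rc|pre)\d+)?")


def affected_by_cve_2007_2447(major, minor, patch, prerelease):
    """Affected range per the public CVE entry: 3.0.0 through 3.0.25rc3."""
    version = (major, minor, patch)
    if (3, 0, 0) <= version < (3, 0, 25):
        return True
    # 3.0.25 final carries the fix; its pre/rc builds do not.
    return version == (3, 0, 25) and prerelease is not None


def triage_samba(report):
    """Return [(port, version_or_None, status)] for every open Samba port."""
    findings = []
    for line in report.splitlines():
        port_match = OPEN_PORT.match(line.strip())
        if not port_match or "Samba" not in port_match.group(2):
            continue
        port = int(port_match.group(1))
        ver = SAMBA_VER.search(port_match.group(2))
        if ver is None:
            # Banner such as "3.X - 4.X": exact version needs another source.
            findings.append((port, None, "unknown"))
            continue
        major, minor, patch = (int(g) for g in ver.group(1, 2, 3))
        text = f"{major}.{minor}.{patch}{ver.group(4) or ''}"
        hit = affected_by_cve_2007_2447(major, minor, patch, ver.group(4))
        findings.append((port, text, "affected" if hit else "not affected"))
    return findings


if __name__ == "__main__":
    for port, version, status in triage_samba(SAMPLE_REPORT):
        print(f"{port}/tcp Samba {version or '?'}: {status}")
```

A port reported as "unknown" means the banner gave only a version range, so the exact version has to be confirmed from the host's package inventory before the finding is closed.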