HTB - Blue

After Cronos gave me enough trouble between the SQLi and the reverse shell, I wanted something I thought would be straightforward. So I went with Blue, which, if I can bet, involves EternalBlue!

Right to it with Nmap:

An older version of SMB. Let's poke around.

Bingo.

I really wanted to do this in Python 2 to practice my virtual environment skills. So that’s what we will do.

Of course, I ran into a bunch of headaches. Something I need to work on. I managed to get a working script going and, of course, the box crashed. So after a reset, I blasted away and the box crashed again.

So I went with Metasploit. More stable here, and I was okay doing this because I knew what was vulnerable, etc.

This box was very buggy and Metasploit failed a few times. Eventually it grabbed and I got both flags.