Book Image

Kali Linux CTF Blueprints

By : Cameron Buchanan
Book Image

Kali Linux CTF Blueprints

By: Cameron Buchanan

Overview of this book

Table of Contents (14 chapters)
Kali Linux CTF Blueprints
About the Author
About the Reviewers

Exploitation guides

The following are exploitation guides for the scenarios created in this chapter. These are guidelines, and there are more ways to exploit the vulnerabilities.

Scenario 1 – smashing Samba

The brief provided for this exploitation guide is assumed to be: Find the key file in a shared location on the network. Perform the following steps for this scenario:

  1. First of all, we run NMAP to do host discovery against the network. If we run NMAP with the A parameter, it will actually connect to and profile any open file-sharing platforms. I'm not going to bore you with yet another NMAP output.

  2. We should see that there are SMB shares open to guests. Let's go and have a look by using the SMB client, smbclient <ip address>/<sharename>; so, in this case, it's smbclient // The following screenshot shows the contents of the key file:

  3. Right, so there's our key file. You can see that I can't read it on the system, which means it's probably owned by root. What we...