HackTheBox - Lame - Walkthrough

Подписаться 941 тыс.

Просмотров 214 тыс.

50% 1

Hey guys! HackerSploit here back again with another video, in this video, i will be going through how to successfully pwn Lame on HackTheBox.
⭐Help Support HackerSploit by using the following links:
🔗 NordVPN: nordvpn.org/ha...
Use the link above or the code below for 77% Off your order
Promo Code: hacker
Patreon: / hackersploit
I Hope you enjoy/enjoyed the video.
If you have any questions or suggestions feel free to ask them in the comments section or on my social networks.
🔗 HackerSploit Website: hsploit.com/
🔹 Support The Channel
NordVPN Affiliate Link: nordvpn.org/ha...
Patreon: / hackersploit
🔹 Get Our Courses
Get a special discount on our courses:
The Complete Deep Web Course 2018:
www.udemy.com/...
🔹 SOCIAL NETWORKS - Connect With Us!
-------------------------------
Facebook: / hackersploit
Twitter: / hackersploit
Instagram: / hackersploit
Patreon: / hackersploit
--------------------------------
Thanks for watching!
Благодаря за гледането
Kiitos katsomisesta
Danke fürs Zuschauen!
感谢您观看
Merci d'avoir regardé
Grazie per la visione
Gracias por ver
شكرا للمشاهدة
دیکھنے کے لیے شکریہ
देखने के लिए धन्यवाद
#Hacking#HackTheBox#CTF

Опубликовано:

29 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 209

@davidbeiler6364 5 лет назад

starts actual video at 2:35

@ooha 4 года назад

Slow af

@anzarmahboobgillani492 4 года назад

thanks

@swammers8520 4 года назад

My hero!

@mrwilson.1 3 года назад

Thanks bro

@magiermexico 4 года назад

Great !!!

@tbogun72 5 лет назад

you should do more hackthebox videos, very useful keeup it up

@aravindaddula8137 4 года назад

You have made a difficult one into simplest one bro, you are fantastic

@Slickjitz 4 года назад

Does the exploit fail for anyone else?

@TheHydra122 8 месяцев назад

Yes, i keep getting ''Exploit completed, but no session was created."

@Nathan-q3c2s 8 месяцев назад

@@TheHydra122problem is likely that the LHOST is set to the wrong IP. One thing you can try is setting it to listen to tun0 which should be the IP used to connect to HTB. Type "set LHOST tun0" to reconfigure the listening ip and give that a whirl.

@l_s2701 8 месяцев назад

@@TheHydra122LHOST is likely misconfigured. Try setting the LHOST to your HTB IP with 'set LHOST tun0'.

@TheHydra122 8 месяцев назад

Guys i know why. U also need to change IP for your VM machine.. it not shown in here, but this is what u have to do

@nithish5762 6 месяцев назад

@@TheHydra122what ip??

@gauravpurswani3830 4 года назад

There is one more port(3632) which comes while doing full port scan(distcc), it is vulnerable and can be exploited with an exploit in metasploit. Doesn't give root but there is nmap suid to do privesc.

@ITSecurityLabs 5 лет назад

This is awesome. Thanks . I started studying for the OSCP and I am doing all HTB challenges

@ninehichem5037 5 лет назад

iam learning security+ and i wanna start doing htb , do i follow guys on yt or i just download machine and start doing writing anything by myself?

@n0nuser 4 года назад

@@ninehichem5037 You should do both at the same time, try yourself if gets stuck then looked at the video just where you got stuck and continue by yourself again. That's the best way to learn I think.

@munyaradzimunoz9536 3 года назад

Great to see IT Security Labs following other fountains of Wisdom

@hectorgarc3963 5 лет назад

That was excellent. Clear, methodical, and logical. Great job!

@HackerSploit 5 лет назад

Thank you very much.

@A.M.1. 3 года назад

This was an "easy" task.. I have absolutely no idea what you just did and what you solved for.. long story short.. WTF

@secopsanalyst859 4 года назад

Here is an easy walkthrough, 4 minute read medium.com/@fellsec/hackthebox-write-up-lame-31757ce0e395

@Pow_Mafia 4 года назад

What payloads should I use?

@funreels6421 5 лет назад

Please please make Linux course basic to very advanced

@paulmorrey733 5 лет назад

You made that look easy Thanks - hoping for more tutorials starting from (very) basic Cheers

@ahmedpito 2 месяца назад

after seaching for samba 3.0.20 on metasploit, so many scripts appear, how/why did you pick the user_map_script??

@patrickmoloney672 Месяц назад

Vsftpd is not the way in this machine because the vulnerability is that you use a :) in the username prompt to get to the back door . Since we are user 331 in this scenario no username prompt was given.

@yannickpeter8607 4 года назад

The hack depends on knowing the correct samba version (3.0.20) but my nmap scan (-sV -sC -A 10.10.10.3) does not show the version on port 139 or 445 or in host scripts. Just 3.X - 4.X So i wasnt able to hack the box. :'( any ideas why my scan is different to the one in the video?

@kavishgour3267 4 года назад

Run 'smbmap -H 10.10.10.3' you'll see the version in the comment section.

@Kdaddyis 3 года назад

Is hack the box free..?

@Killergaming23 4 года назад

Bro Tell me that If host were not rooted then what's the way to open root directory Tell me Please Thanks 😃🤓

@bringyourowndrugs 4 года назад

sudo su passwd root Enter New Pass, confirm it Change user and Login Using Root and Pass

@Killergaming23 4 года назад

Thanks

@TheBiggestMacOfThemAll 2 месяца назад

Quick question, what payload are you using? I’m being a bit curious

@whitehatgurutelugu9901 3 месяца назад

Your videos are amazing ... Please make a video on machine : " Sunday " , waiting for your video !!

@ejrz6553 5 лет назад

As someone who worked in a SOC for 2 years and wanted to learn the other side of things... that was dope

@nicolasno-name8990 4 года назад

î am pretty sure that there ls a confusion between searchsploit and metasploit

@JohnDoe-gj2mv 4 года назад

If you find that the nmap scripts won't work correctly, you can use the smb_version auxiliary module in metasploit.

@robinhood3841 5 лет назад

There is no wrongs but just use cd ../../../ to get out of hall directores instead of using single cd ..

@DarthAzreal 4 года назад

Thanks for this, I'm new to pentesting and whilst I have some of the basic skills at my disposal now, it's still a very steep learning curve. This video has been a huge help in getting started with a simple exploit procedure and I look forward to working my way through your other videos. Keep up the great work.

@olabanjidavid2512 3 месяца назад

My port for the samba is showing closed after nmap

@ramonbalcarce-dd5uq Год назад

tengo un problema, no me escanea los puertos, me los ignora! necesito saber que puertos estan abiertos

@ooha 4 года назад

Bruh this is command prompt

@krivi4557 3 года назад

its terminal

@vishalsrivastava3498 2 года назад

I loved your explanation Simple 🕶️

@yasirmohammad128 5 лет назад

why my output is different ? root@kali:~/Downloads# nmap -sV -sC -A 10.10.10.3 Starting Nmap 7.70 ( nmap.org ) at 2019-08-05 23:11 EDT Nmap scan report for 10.10.10.3 Host is up (0.00047s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 21/tcp open tcpwrapped Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: storage-misc Running (JUST GUESSING): British Gas embedded (92%) Aggressive OS guesses: British Gas GS-Z3 data logger (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 1 hop TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS 1 0.14 ms 10.10.10.3

@SrRunsis Год назад

quick tip to everyone using nmap, if you run Nmap 7.80 you are running a buggy version that will miss some stuff like the Samba version from the video. Just found this out doing a box. Install from source! (i.e. if you installed nmap using apt you are running the buggy version)

@whitedavil9463 4 года назад

i have problem in net work access nmap scan i was connect woth openvpn

@bringyourowndrugs 4 года назад

YES same, did you find a solution to this?

@whitedavil9463 4 года назад

@@bringyourowndrugs no

@bringyourowndrugs 4 года назад

I'm guessing we need to be paid members to access

@whitedavil9463 4 года назад

@@bringyourowndrugs i have paid account

@bringyourowndrugs 4 года назад

@@whitedavil9463 ohh okay. Let me know if you find a solution.

@aaronmoore5295 4 года назад

Anyone know the correct way to add LHOST ? I keep getting error “ exploit completed but no session created”

@danwood8084 4 года назад

same

@danwood8084 4 года назад

no payload thats why, did you figure it out

@aaronmoore5295 4 года назад

Daniel Wood I figured it out

@aleamil3435 3 года назад

same

@aleamil3435 3 года назад

could you solve it?

@razmjumehdi9069 2 года назад

Is it good for me to solve Retired Labs? Or does it give me no ranking at all? For example, I will not become a Pro Hacker?

@Solvente_e_Soluto 4 года назад

For connect to the ritired machines, you need to switch to VIP and pay?

@ebymohan 4 года назад

Yes

@alexman340 4 года назад

I just starting, but I don't have this feature on my account.There is not an explanation on website also .Is there any tutorial beginner of this video?

@Роберт-и8х 4 года назад

Love you so much! Please make more video about ctf and getting in with blackbox.

@ashleybishton742 4 года назад

The web application is vulnerable to SQL injection there's also login details on the database several admin users and several hashed passwords but I don't think it has nothing to do with the box in general. Just a point to make out if people are looking at if that way round.

@VulcanOnWheels 5 лет назад

I realize that this is an old video, but let me make this comment anyway. You appeared to be in a bit of a hurry. Please don't do that.

@rk.x01 5 лет назад

1st view dude

@HackerSploit 5 лет назад

#NotificationSquad!

@ThriveTalesTV 5 лет назад

how could you .

@davidbeiler6364 5 лет назад

no one cares, good luck with life

@hsupply7064 2 года назад

When I ran the exploit it I got the same message as before I followed your guide exactly as you did it. Why do I keep getting exploit completed but no shell prompt like you did

@hsupply7064 2 года назад

I figured it out for the people's session who does not start run a ifconfig then set your host to your net address and it will work

@jacobfurnish7450 Год назад

@@hsupply7064 net address? What specifically do you mean i have the same issue

@driftv8253 4 года назад

Can you please make a video of how to capture flags on HTB Multimaster

@tarandeepsingh4291 4 года назад

looks like he is addicted to metasploit , it would be better if you walkthrough without metasploit

@mgabriel650 3 года назад

How can I borrow your brain lol 😆

@Eliferatu 10 месяцев назад

Can you find the binary inside the python library or you gotta go straight to the port?

@FearlessSec 5 лет назад

Hey, Mr. Sploit, I try to connect to HTB, and I refresh my connection pack as they recommended, but i always get the error “fatal error” and I can’t do anything with the website. Have you heard of this and do you have any advice?

@prateekdubey5028 4 года назад

This machine was having all metasploitable 2 vulnerability

@SForc3re 3 года назад

bro you are so awesome :)) thanks for any suggestion thing .. keep it up

@ronit2427 5 лет назад

I'm doing a series of HackTheBox on my channel

@brettnieman3453 5 лет назад

How would we do it without Metasploit?

@selflearningcybersec Год назад

@HackerSploit why don;t you makes video on ctf, liked it very much, explanatory.

@menez031 4 года назад

What happens after that, does it then show as green in the main dashboard or do you need to do something with the info from the txt files?

@Warlock1515 5 лет назад

Wow those python and malware series I am looking forward to! I enjoyed this video very much, I learned from it and I like how you started with hackthebox! Keep it up, thanks man!

@thedarkorien5036 4 года назад

i couldnt find lame on hackthebox website could someone help please

@kyleolivier5685 3 года назад

lmao, since when did this video become age restricted?

@JohnDoe-vn6by 4 года назад

That box was really easy. It took nothing but the exploits from searchsploit to get into the system.

@user-cd5sg1kn6y 5 лет назад

Excellent video. Thank you!

@deepadevi1347 4 года назад

Please do a tour of hackerrank , hackerearth, codechef...

@surajgurung8491 5 лет назад

which software did you use to write the code??? could you please explain me...thank you

@unofficialcut 5 лет назад

More hackthebox please

@michaelharfiee7463 4 года назад

hi, i love your video quite explainable and interesting am new to hackthebox and also pentesting mind sharing few tip on how to go by HOB

@Super_Cool_Guy 5 лет назад

*My friend can you make a video on how to set up TOR with a VPN like ProtonVPN...thanks*

@nandaybirb6633 5 лет назад

Use the VPN client. Connect to TOR.... LOL

@Super_Cool_Guy 5 лет назад

@@nandaybirb6633 exactly how explain that stupid !

@nandaybirb6633 5 лет назад

@@Super_Cool_Guy You install the client the VPN provider gives you when you purchase it. They give you instructions on how to do so for your operating system. Then you download the TOR browser. If you can't figure that out on your own there is plenty of videos on how to do so or you can read the TOR documentation. You connect to the VPN with that client then you launch the TOR browser. BTW don't call people stupid when you're asking for help. It's counter inventive.

@Super_Cool_Guy 5 лет назад

@@nandaybirb6633*But you are an Stupid idiot, so what you advise is setup a VPN on the computer then run the TOR browser......so how will that give you access to the TOR network ......man you really are a DUMB idiot*

@GeneralMoh 5 лет назад

@@Super_Cool_Guy You are so repulsive and cantankerous idiot ever existed! You need help yet you are insulting those you seek help from! Dumbass

@rikivivek98 5 лет назад

How your virtual box seems so fast...mine lag too much....as i use a laptop and have a 4gb ram....do i have to increase the ram??? Please help me

@octavian15202 5 лет назад

You are trying to increase the ram on your laptop or your virtual box?

@levicampre3411 4 года назад

HP I cant stick incompatible software since its more advanced till the end of time.

@trava4156 5 лет назад

what are you actually hacking into? what is your target and goal?

@drakula5263 5 лет назад

hi i don't know ur name hh but can u tel me pleas why when i made a script in wind7 by py i move to kali but is not worcking just give me errors pleas help with any thins

@ronin0x_ 5 лет назад

His name is Alexis

@mrvirtual6270 5 лет назад

What happened to shell scripting? Make more video about bin bash

@Dragnerve. 5 лет назад

I think its not "allowed" to post hackthebox walkthroughs since you need to solve a challenge to even be able to join them and get their content, but please tell me if i misunderstood.

@HackerSploit 5 лет назад

You are not allowed to upload active machines only retired