Legacy, a really old box from HTB that I did fairly quickly and didn’t take too many screenshots. Right down to the dirty, Legacy is vulnerable to MS08-067 and MS17-010. I went with the old school MS08 and exploit and had no issues getting root.
Legacy is located at
A basic scan shows SMB is open and lets begin
My frist step seeing SMB is to enumerate the hell out of it.
This nmap scan will go through all the SMB-ENUM scripts the NSE has and then we can assess the output
Pretty straightforward results and we can see what exactly this box is vulnerable too. These are considered famous exploits so I am sure this is going down the right path and because this box is so old, I am going to go with the older one.
We also get anonymous access.
Honestly all I did here was download the script from exploitdb and run it and got root.
Not the most exciting box but on the list of OSCP boxes to try and complete so I figured I would get it done.