Samba
I first started by searching for exploits on
Samba smbd 3.0.20-Debian
.It looks like exploit DB and metasploit contain information for exploiting this.
I'll give the metasploit exploit a try out.
After starting up the metasploit console, I'll search for Samba related exploits.
search samba

I'll use exploit #8 in the list as that is the one that matches up with what I found online on Rapid7
I'll then verify the exploit is the correct one.
info

It looks like the description matches up with the version I found online.
Next is to check the options and set them.

Looks like all I need to do is set the
RHOSTS
to my Host IP. Also check the LHOSTS to make sure it is correct.
set rhosts [Target IP]
Then let's run the exploit.
exploit
It should be that easy. Redirect to /root to find the root.txt
cat /root/root.txt
The root flag is: 47b8ec8b36d966e1cde25938161b5334
Last updated