Samba
I first started by searching for exploits on Samba smbd 3.0.20-Debian.
It looks like Exploit-DB and Metasploit contain information for exploiting this.
I'll give the Metasploit exploit a try.
After starting up the Metasploit console, I'll search for Samba-related exploits.
I'll use exploit #8 in the list, as that is the one that matches up with what I found online on Rapid7.
I'll then verify the exploit is the correct one.
It looks like the description matches up with the version I found online.
Next is to check the options and set them.
Looks like all I need to do is set the RHOSTS to my Host IP. Also check the LHOST to make sure it is correct.
Then let's run the exploit.
It should be that easy. Navigate to /root to find root.txt.
The root flag is: 47b8ec8b36d966e1cde25938161b5334