HackTheBox: Lame was a really simple machine which only took a few minutes to get into. This was my first HTB machine i did.
I first started by doing a port scan of Lame (10.10.10.3).
Straight away i can see from experience that FTP and SMB are vulnerable.
vsftpd 2.3.4 and
are vulnerable to command execution.
A quick searchsploit shows a command execution exploit for
The exploit is opened and executed in metasploit which is successful.
The exploit gives us root access which means both flags can easily be retrieved without privilege escalation.
3.1 Getting the flags
The flag is easily found by going into the root directory and viewing the flag.