HackTheBox: Blue was the simplest machine i have done, was easy to get into using a popular exploit.
I first started by doing a port scan of Blue (10.10.10.40).
The first interesting thing i see is that SMB on 445 is open with Windows 7 and service pack 1. This is likely vulnerable to
the NSA’s EternalBlue exploit. Metasploit can be booted up to check if this service is vulnerable to EternalBlue or not.
The scan revealed that MS17-010 can be used against the target. The exploit is loaded in Metasploit.
The exploit is successful and a reverse shell is opened!
3.1 Getting the flags
A quick look and i have system privileges which means both the user and root flag can easily be retrieved.