Kioptrix 1

Introduction

These Kioptrix VM images are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is to learn the basic tools and techniques in vulnerability assessment and exploitation. There is more than one way to successfully complete the challenges.

Reconnaissance

Use some Google-fu to find the Kioptrix VM image and install it in a virtual machine. From here on, we assume that we know the network of the target machine (NAT = 192.168.88.128).

Scanning

Start by scanning the network with nmap:

nmap -T4 $IP/24

Alternatively, use arp-scan -l.

[Figure: arp-scan result]
[Figure: nmap result and open ports]

The scan results show 1 active host (kioptrix) on the target network. We proceed with enumeration to gain more information.

Gaining Access

  1. Possible Access Via SMB

[Figure: smbclient result]

We need to identify which version this machine is running, using Metasploit's smb_version.

[Figure: Metasploit result]

From this information, we see that this version is vulnerable to trans2open.

Use searchsploit to find an existing exploit script. I'm using the 22469.c exploit.

Maintaining Access

  1. Create new user.

  2. Plant a backdoor (a crontab entry that automatically creates a user).
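
Seen from the defender's side, both persistence steps above leave artifacts that a short audit can surface: an account missing from a known-good list, and a cron entry that runs account-management commands. The script below is an added example, not part of the original write-up; the sample crontab, passwd content, baseline list and function names are constructed for illustration.

```python
import re

# Cron jobs rarely have a legitimate reason to create accounts or append to the
# account databases, so either pattern in a crontab deserves a closer look.
ACCOUNT_CMDS = re.compile(
    r"\b(useradd|adduser|usermod|chpasswd)\b|>>?\s*/etc/(passwd|shadow)\b"
)

# Constructed sample data, not taken from the Kioptrix VM.
SAMPLE_CRONTAB = "\n".join([
    "SHELL=/bin/sh",
    "01 * * * * root run-parts /etc/cron.hourly",
    "# nightly cleanup",
    "*/10 * * * * root /usr/sbin/useradd helpdesk",
])
SAMPLE_PASSWD = "\n".join([
    "root:x:0:0:root:/root:/bin/bash",
    "bin:x:1:1:bin:/bin:/sbin/nologin",
    "john:x:500:500::/home/john:/bin/bash",
    "helpdesk:x:501:501::/home/helpdesk:/bin/bash",
])
BASELINE = {"root", "bin", "john"}  # assumed known-good account list


def suspicious_cron_lines(crontab_text):
    """Return (line_no, line) for cron entries that touch account management."""
    hits = []
    for no, line in enumerate(crontab_text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # skip blanks and comments
        if ACCOUNT_CMDS.search(stripped):
            hits.append((no, stripped))
    return hits


def account_findings(passwd_text, baseline):
    """Flag accounts missing from the baseline and any non-root account with uid 0."""
    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # not a well-formed passwd entry
        name, uid = fields[0], fields[2]
        if name not in baseline:
            findings.append(f"new account: {name} (uid {uid})")
        if uid == "0" and name != "root":
            findings.append(f"uid 0 outside root: {name}")
    return findings
```

On a real host, feed the functions the contents of /etc/crontab, the files under /etc/cron.d and the per-user crontabs, together with an account list recorded before the incident.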

Conclusion

This machine is vulnerable to a buffer overflow in Samba version 2.2.1a.