Kioptrix Level 1 Walkthrough
Welcome to my blog! We will be taking a look at Kioptrix 1.1 today. Lets fire up the virtual machine and get started.
First the attacker needs to find the ip address of our new target. The attacker used netdiscover here and found the targets ip to be 192.168.153.135.
The attackers next step is to determine what ports are open and what services are running with the use of nmap.
Several open ports are shown here, including port 139 which is running Samba.
Samba stands out for its known security flaws. The attackers next goal was to discover what version of samba was running to see if it is a vulnerable release.
Samba version 2.2.1 is vulnerable to the trans2open exploit. The exploit is available in msfconsole. He then starts up msfconsole to run the exploit.
The attacker set RHOST to the ip of his target, then ran the exploit. Root obtained! Id and Uname -a confirms that he is root in kioptrix. Better luck next time Kioptrix!