Kioptrix Level 1 Walkthrough

Welcome to my blog! We will be taking a look at Kioptrix 1.1 today. Lets fire up the virtual machine and get started.

Image description

First the attacker needs to find the ip address of our new target. The attacker used netdiscover here and found the targets ip to be 192.168.153.135.

Image description

The attackers next step is to determine what ports are open and what services are running with the use of nmap.

Image description

Several open ports are shown here, including port 139 which is running Samba.

Image description

Samba stands out for its known security flaws. The attackers next goal was to discover what version of samba was running to see if it is a vulnerable release.

Image description

Samba version 2.2.1 is vulnerable to the trans2open exploit. The exploit is available in msfconsole. He then starts up msfconsole to run the exploit.

Image description

The attacker set RHOST to the ip of his target, then ran the exploit. Root obtained! Id and Uname -a confirms that he is root in kioptrix. Better luck next time Kioptrix!

Image description

Written on November 7, 2015