This is my write-up for the ‘Curling’ box found on Hack The Box. Synopsis Joomla website, Joomla admin password available in txt file, www …
This is a very easy box. The exploit is the eternal blue exploit for windows 7.
nmap -vv --reason -Pn -sV -sC --version-all 10.129.126.91
The nmap responds with the version of the windows and it is Windows 7 Professional 7601 Service Pack 1.
This version is vulnerable to the eternal blue exploit.
With the Metasploit this exploit is really easy to use.
And we are in.
For manual exploitation we can use the http://github.com/worawit/MS17-010