HTB: Dancing Walkthrough

Courses + Hack The Box Jamie Ngo todayJune 5, 2024 55

Background
share close

A walkthrough of the Dancing room on Hack The Box.


Challenge Type: Offensive | OS: Windows | Difficulty: Very Easy

Question 1: What does the 3-letter acronym SMB stand for?

The answer to this question is Server Message Block

Question 2: What port does SMB use to operate at?

If you’re unsure, Google is your friend.

The answer to this question is 445

Question 3: What is the service name for port 445 that came up in our Nmap scan?

The answer to this is microsoft-ds

Question 4: What is the ‘flag’ or ‘switch’ we can use with smbclient to ‘list’ the the shares available over SMB?

The answer to this question is -L

Question 5: How many shares are there on Dancing?

The answer to this question is 4

Question 6: What is the name of the share we are able to access in the end with a blank password?

You can brute force this answer as there’s only 4 options. However, the answer is actually WorkShares, as this is a custom share made by an administartor during the configuration phrase.

Question 7: What is the command we can use within the SMB shell to download the files we find?

The answer to this question is get

Question 8: Submit the flag located on the SMB share.

You’ll have to connect to the server using SMBClient as hinted with the questions above. Then you can explore the directories on this share and find the flag.

The answer to this question is 5f61c10dffbc77a704d76016a22f1664. The file containg the flag can be found in James.P folder.

Written by: Jamie Ngo

Tagged as: .

Rate it

Previous post

Similar posts

Post comments (0)