4.4 Target 4

The team managed to access this server by exploiting port 135. This was done first by using an nmap scan to see which ports were open. We found ports 135 and 139. We then searched for which exploits could be run against these services and found a list of over 100 possible exploits. We tried to run a few of the ones marked as “excellent” to no success. After realizing that this process may take quite a long time given the number of possible exploits we decided to go the easy route by googling the exploit that would work. We used a guide fromThe Network Journalwhich explained which exploit to use. This was a successful exploit and we now had access to the machine. We added a file called supersecretpasswords.txt to the box to show that we had in fact gotten in and to also add a fun file for other groups to find when they break in. After this, another group member attempted to exploit the machine in order to learn how to use metasploit and managed to break the target to the point where it could no longer be rebooted.