## https://sploitus.com/exploit?id=852DD39E-81B9-5DFA-A010-5F71D4C33DE5
# Metasploitable2 โ SMB Vulnerability Exploitation ๐
This project focuses on exploiting two major SMB vulnerabilities in the Metasploitable2 virtual machine. The goal was to understand how outdated Samba services can expose systems to sensitive data leaks and even full remote compromise.
All exploitation was performed safely inside an isolated lab environment using Kali Linux and Metasploitable2.
---
## ๐ Vulnerabilities Exploited
### **1. SMB Directory Traversal Vulnerability**
I discovered that the SMB service allowed directory traversal outside the shared folder. By crafting malicious SMB requests, I accessed sensitive system files like `/etc/passwd` that should never be exposed.
**Impact:**
Attackers can read confidential files, extract credentials, or gather system information.
---
### **2. SMB Usermap Script Vulnerability**
The outdated Samba version in Metasploitable2 includes a vulnerable `usermap` script. By passing a specially crafted username, I was able to make Samba execute system-level commands.
**Impact:**
Remote Command Execution โ Full **root** access without authentication.
---
## ๐ Tools & Techniques
- Kali Linux
- SMB enumeration tools
- Manual exploitation
- Metasploitable2 VM
- Safe & isolated virtual lab
---
## ๐ฏ Key Takeaways
- SMB misconfigurations can lead to serious data exposure
- Privilege escalation is possible through weak user mapping
- Outdated Samba versions are extremely risky
- Hands-on exploitation helps understand real attacker techniques
---
## ๐ Summary
Through this project, I gained practical experience exploiting SMB vulnerabilities and understanding the security risks behind improperly configured file-sharing services. The hands-on approach helped strengthen my penetration testing and vulnerability analysis skills.
---