HackTheBox — Lame

5 min readApr 12, 2023

Lame is an easy-level machine on HackTheBox that involves exploiting a vulnerable Samba server to gain initial access, and then exploiting a vulnerable MySQL server to elevate privileges to root. In this write-up, we’ll step through the process of exploiting the machine to retrieve the root.txt flag.


As usual, we’ll start by scanning the target IP address ( to see which ports are…