HTB Retired Box Walkthrough: Blue

Joe Gray (C_3PJoe)
4 min readAug 30, 2019

Blue is a retired Windows machine that is rated as Easy on Hack the Box.

Hostname: Blue
Operating System: Windows

Port Scan Results*

A simple nmap port scan nmap -vvvvv yields the following ports:

135/tcp: msrpc
139/tcp: netbios-ssn
445/tcp: microsoft-ds
49152/tcp: unknown
49153/tcp: unknown
49154/tcp: unknown
49155/tcp: unknown
49156/tcp: unknown
49157/tcp: unknown

Further Enumeration*

This initial port scan didn’t give us much. We need to approach this with a three-pronged attack. 1: amp up our nmap, 2: look at the actual website, and 3: go snooping through the directories.

For the next part of enumeration, I attempt a service version scan using nmap nmap -vvvvvv -sTV

That gave some service versions.

135/tcp: Microsoft Windows RPC
139/tcp: Microsoft Windows netbios-ssn
445/tcp: Microsoft Windows 7–10 microsoft-ds (Workgroup: workgroup)
49152/tcp: unknown
49153/tcp: unknown
49154/tcp: Microsoft Windows RPC
49155/tcp: Microsoft Windows RPC



Joe Gray (C_3PJoe)

Passionate infosec pro & hacker, but mostly interested in Intelligence Analysis (OSINT). I try to write tech & non-tech for n00bs, experienced, & management.