This is a box that is on the easy side that makes use of the EternalBlue exploit.
We open up with an nmap scan finding a webserver available. From there, we fuzzed the site and found a wordpress directory which had a vulnerable plugin which we used to get an initial shell. Then we used a basic cronjob to get a root shell.
This is a medium level box which made use of vim swap files to find an interesting file that turned out to be exploitable. Which we used to gain initial access through SSH, then used an OpenBSD exploit for PrivEsc.
This is an easy level box. We have anonymous access through FTP through which we can upload a shell. Then we use ms10_015 exploit to gain root.
This is an easy level box which is vulnerable to username map script for the version of samba version.
We use and ajp file read/inclusion and got credentials for SSH and decrypt a pgp file to gain access to another user. PrivEsc was to zip.
We found squirrelmail which we brute-forced with text files found in a SMB share, later found another CMS which had an LFI vulnerability. Then used a cronjob wildcard exploit for PrivEsc.