Help with dll injection

Hi all,

I’m stuck in a lab I’m doing and would like some help.
In the lab I’m given a kali machine and a windows server 2008 machine. This is all web based, and the VMs have no Internet access so I can’t install additional tools like PowerSploit or SysInternals/ProcMon. I’m giving a process that is missing a dll file, and the process runs as SYSTEM. I need to capture a flag in a txt file located in C:.

The nmap scan shows the server is running smb

I have used msfvenom to create a dll file so I can start the reverse tcp. But I need help with two points:
1- finding the vulnerable directory to place dll
2- copying the dll file into the windows machine

I’d appreciate your help or any hints with this, thanks! :grinning:

Is it updated server 2008? Scans say? Have you tried EternalBlue-DoublePulsar or smb2_negotiate_func_index both exploits are in Metasploit. Try to give more info on the Windows 2008 Server.

hi, thanks for your response,

the nmap scan shows these ports open 135, 139, 445, 3389, 49154.

the smb2_negotiate_func_index did not work, I’ll tryeternalblue in a bit.

what addional information can i give you?