Home Forums Privilege Escalation using PATH

This topic contains 1 reply, has 2 voices, and was last updated by  Neo-Neo 1 month ago.

  • Author
    Posts
  • #444117

    FreeRaider1
    Member

    Hey!

    I have to search a flag related with privilege escalation. The first thing I did was running linpeas to search for the PE vector. The only thing that was interesting was this (If it’s in this color means that has a 95% to succeed with the pe)

    ​

    https://preview.redd.it/e2gm5rsjhno71.png?width=1341&format=png&auto=webp&s=d16feb570615aa69b75d81d05b7d9605d34c0d7c

    So my home dir is in the path, ok. My first though was to create a bash script that initiates a reverse shell and give it a name that the root my execute. But I’m unable to succeed. No interesting cronjobs, no vulnerable SUID bins, I even sniffed the root commands with pspy and nothing i could exploit. I’ve been two days trying all other types of pe exploits but none works. I’m out of ideas. Any suggestions? Thank you!

  • #444118

    Neo-Neo

    Homework help?

  • #444119

    PetiteGousseDAil

    It looks to me like a “false positive” since the home directory is pretty much at the end completely of the PATH

    Have you looked at the open ports ? Now that you are in local, maybe there are services that you couldn’t see before

  • #444120

    j1664

    Not to sound like a dick, but have you actually enumerated the box? Or have you just run alot of pe scripts?

You must be logged in to reply to this topic.