Home Forums Privilege Escalation using PATH

This topic contains 1 reply, has 2 voices, and was last updated by  Neo-Neo 1 month ago.

  • Author
  • #444117



    I have to search a flag related with privilege escalation. The first thing I did was running linpeas to search for the PE vector. The only thing that was interesting was this (If it’s in this color means that has a 95% to succeed with the pe)



    So my home dir is in the path, ok. My first though was to create a bash script that initiates a reverse shell and give it a name that the root my execute. But I’m unable to succeed. No interesting cronjobs, no vulnerable SUID bins, I even sniffed the root commands with pspy and nothing i could exploit. I’ve been two days trying all other types of pe exploits but none works. I’m out of ideas. Any suggestions? Thank you!

  • #444118


    Homework help?

  • #444119


    It looks to me like a “false positive” since the home directory is pretty much at the end completely of the PATH

    Have you looked at the open ports ? Now that you are in local, maybe there are services that you couldn’t see before

  • #444120


    Not to sound like a dick, but have you actually enumerated the box? Or have you just run alot of pe scripts?

You must be logged in to reply to this topic.