OnSystemShellDredd
Nmap
FTP on the host is open to anonymous login. When logged in use ls -la
to view hidden files. Upon moving into the .hannah directory ensure binary mode is enabled then grab the id_rsa.
Ensure to change the permissions on the id_rsa to make it usable.
Then proceed to login as the user hannah specifying port 61000.
Running linpeas on the target machine after transferring over finds the binary cpulimit has a SUID bit set.
Checking GTFOBins against this binary reports the following:
We can then use the following command to gain a root shell:
Last updated