Lin Security
Lin Security Vulnhub walkthrough
Last updated
Was this helpful?
Lin Security Vulnhub walkthrough
Last updated
Was this helpful?
This machine does not need enumeration because the author already gave us a credentials and this machine is let us to practice our privilege escalation skills
After logged in using the credentials
we then can type sudo -l
We can see a lot of user rights exploit
We can go to this website and get the cheat sheet from it hehe. A lot is very easy so we are not gonna cover everything.
On our machine
On target machine
When we cat /etc/passwd, we can see all the users available in the system, then we can see a user has a hash
Put it at hashcat and we can decode the hash
We got the password and su
to user insecurity
, then we can get root
If we type cat /etc/crontab
we can see that there is a backup running every 1 minute
If we la -la /etc/backups
We can see that tar file. If you read this article on this website, here we have a very details explanation
On our machine
On target machine
After wait for 1 minute then we can get a shell.