5 box enum nadav

PEAS

User & Groups: uid=1000(nadav) gid=1000(nadav) groups=1000(nadav),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(lpadmin),128(sambashare)
# sudo stands out

╣ USBCreator
╚ https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation
Vulnerable!!

╣ PATH
# contains /home/nadav/bin;/home/nadav/.local/bin

# root is running fail2ban
root       1675  0.0  0.4 889904 18332 ?        Sl   22:11   0:04 /usr/bin/python3 /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b

╣ Checking Pkexec policy
[Configuration]
AdminIdentities=unix-user:0
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin

Last updated