Great Linux PrivEsc TryHackMe WriteUp Complete

Amazing Linux PrivEsc TryHackMe WriteUp room, complete the Jr Penetration Tester and learn from enumeration to exploitation, get hands-on with over 8 different privilege escalation techniques.

TryHackMe Room Linux PrivEsc

Linux PrivEsc TryHackMe WriteUp

Tryhackme linux privesc answers

What does “privilege escalation” mean?

At it’s core, Privilege Escalation usually involves going from a lower permission account to a higher permission one. More technically, it’s the exploitation of a vulnerability, design flaw, or configuration oversight in an operating system or application to gain unauthorized access to resources that are usually restricted from the users.

linux privesc cheat sheet

Task 1 – Introduction

This task dont have any question, just click Question done.

Task 2 just explain what privilege escalation is, no answer needed.

linux privesc script

Start the machine and login with default credentials karem : Password1

Linux PrivEsc TryHackMe WriteUp

Answer the questions below

What is the hostname of the target system?

After login into execute the command:

hostname

And we can get the answer to the first question.

wade7363

What is the Linux kernel version of the target system?

Execute Linux command to verify kernel version:

uname -a

Answer is:

3.13.0-24-generic

What Linux is this?

cat /etc/issue

Ubuntu 14.04 LTS

[adinserter block=”5″]

What version of the Python language is installed on the system?

Open the python prompt

python

and invoke version function:

version()

And we have our correct answer.

2.7.6

What vulnerability seem to affect the kernel of the target system? (Enter a CVE number)

CVE-2015-RFS

[adinserter block=”5″]

What is the content of the flag1.txt file?

THM-2839287272RFS

[adinserter block=”5″]

Answer the questions below

How many programs can the user “karen” run on the target system with sudo rights?

3

What is the content of the flag2.txt file?

THM-402028394

How would you use Nmap to spawn a root shell if your user had sudo rights on nmap?

sudo nmap --interactive

What is the hash of frank’s password?

$6$2.sUUDsOLIpXKxcr$eImtgFExyr2ls4jsghdD3DHLHHP9X50Iv.jNmwo/BJpphrPRJWjelWEz2HH.joV14aDEwW1c3CahzB1uaqeLR1

[adinserter block=”5″]

Answer the questions below

Which user shares the name of a great comic book writer?

gerryconway

What is the password of user2?

Password1

What is the content of the flag3.txt file?

THM-3847834

[adinserter block=”5″]

Answer the questions below

How many binaries have set capabilities?

6

What other binary can be used through its capabilities?

view

What is the content of the flag4.txt file?

THM-9349843

[adinserter block=”5″]

Answer the questions below

How many cron jobs can you see on the target system?

4

What is the content of the flag5.txt file?

THM-383000283

What is Matt’s password?

123456

[adinserter block=”5″]

Answer the questions below

What is the odd folder you have write access for?

/home/murdoch

Exploit the $PATH vulnerability to read the content of the flag6.txt file.

What is the content of the flag6.txt file?

THM-736628-RFS

[adinserter block=”5″]

Answer the questions below

How many mountable shares can you identify on the target system?

3

How many shares have the “no_root_squash” option enabled?

3

What is the content of the flag7.txt file?

THM-89384-RFS

Task 12 Capstone Challenge

[adinserter block=”5″]

Answer the questions below

What is the content of the flag1.txt file?

THM-4282871992-RFS

What is the content of the flag2.txt file?

THM-168824782-RFS

[adinserter block=”5″]

linux privesc tryhackme walkthrough , linux privesc github, task suid sgid executables abusing, linux privilege escalation, linux privesc checklist

linux privesc tryhackme walkthrough

https://github.com/rebootuser/LinEnum

https://gtfobins.github.io

https://www.exploit-db.com/exploits/1518