Complete Linux PrivEsc TryHackMe WriteUp

TryHackMe Linux PrivEsc
TryHackMe Linux PrivEsc
TryHackMe Linux PrivEsc

Amazing Linux PrivEsc TryHackMe WriteUp room, complete the Jr Penetration Tester and learn from enumeration to exploitation, get hands-on with over 8 different privilege escalation techniques.

Jr Penetration Tester
Jr Penetration Tester

TryHackMe Room Linux PrivEsc

Linux PrivEsc TryHackMe WriteUp

Tryhackme linux privesc answers

What does “privilege escalation” mean?

At it’s core, Privilege Escalation usually involves going from a lower permission account to a higher permission one. More technically, it’s the exploitation of a vulnerability, design flaw, or configuration oversight in an operating system or application to gain unauthorized access to resources that are usually restricted from the users.

linux privesc cheat sheet

Task 1 – Introduction

Privilege escalation is a journey
Task 1 – Introduction

This task dont have any question, just click Question done.

Task 2 – What is Privilege Escalation?

Task 2 - What is Privilege Escalation?
Task 2 – What is Privilege Escalation?

Task 2 just explain what privilege escalation is, no answer needed.

Task 3 – Enumeration

linux privesc script

Task 3 - Enumeration
Task 3 – Enumeration

Start the machine and login with default credentials karem : Password1

Complete Linux PrivEsc TryHackMe WriteUp
Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

What is the hostname of the target system?

After login into execute the command:

hostname
Complete Linux PrivEsc TryHackMe WriteUp

And we can get the answer to the first question.

wade7363

What is the Linux kernel version of the target system?

Execute Linux command to verify kernel version:

uname -a

Answer is:

3.13.0-24-generic

What Linux is this?

cat /etc/issue
Ubuntu 14.04 LTS

What version of the Python language is installed on the system?

Open the python prompt

python

and invoke version function:

version()

And we have our correct answer.

2.7.6

What vulnerability seem to affect the kernel of the target system? (Enter a CVE number)

CVE-2015-RFS

Task 4 Automated Enumeration Tools

Complete Linux PrivEsc TryHackMe WriteUp
Complete Linux PrivEsc TryHackMe WriteUp 38

Task 5 Privilege Escalation: Kernel Exploits

Complete Linux PrivEsc TryHackMe WriteUp
Complete Linux PrivEsc TryHackMe WriteUp 39

What is the content of the flag1.txt file?

THM-2839287272RFS

Task 6 Privilege Escalation: Sudo

Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

How many programs can the user “karen” run on the target system with sudo rights?

3

What is the content of the flag2.txt file?

THM-402028394

How would you use Nmap to spawn a root shell if your user had sudo rights on nmap?

sudo nmap --interactive

What is the hash of frank’s password?

$6$2.sUUDsOLIpXKxcr$eImtgFExyr2ls4jsghdD3DHLHHP9X50Iv.jNmwo/BJpphrPRJWjelWEz2HH.joV14aDEwW1c3CahzB1uaqeLR1

Task 7 Privilege Escalation: SUID

Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

Which user shares the name of a great comic book writer?

gerryconway

What is the password of user2?

Password1

What is the content of the flag3.txt file?

THM-3847834

Task 8 Privilege Escalation: Capabilities

Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

How many binaries have set capabilities?

6

What other binary can be used through its capabilities?

view

What is the content of the flag4.txt file?

THM-9349843

Task 9 Privilege Escalation: Cron Jobs

Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

How many cron jobs can you see on the target system?

4

What is the content of the flag5.txt file?

THM-383000283

What is Matt’s password?

123456

Task 10 Privilege Escalation: PATH

Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

What is the odd folder you have write access for?

/home/murdoch

Exploit the $PATH vulnerability to read the content of the flag6.txt file.

What is the content of the flag6.txt file?

THM-736628929

Task 11 Privilege Escalation: NFS

Privilege Escalation: NFS
Privilege Escalation: NFS

Answer the questions below

How many mountable shares can you identify on the target system?

3

How many shares have the “no_root_squash” option enabled?

3

What is the content of the flag7.txt file?

THM-89384012

Task 12 Capstone Challenge

Complete Linux PrivEsc TryHackMe WriteUp

Answer the questions below

What is the content of the flag1.txt file?

THM-42828719920544

What is the content of the flag2.txt file?

THM-168824782390238

linux privesc tryhackme walkthrough , linux privesc github, task suid sgid executables abusing, linux privilege escalation, linux privesc checklist

https://github.com/rebootuser/LinEnum

https://gtfobins.github.io

https://www.exploit-db.com/exploits/1518