Amazing Linux PrivEsc TryHackMe WriteUp room, complete the Jr Penetration Tester and learn from enumeration to exploitation, get hands-on with over 8 different privilege escalation techniques.
TryHackMe Room Linux PrivEsc
Linux PrivEsc TryHackMe WriteUp
Tryhackme linux privesc answers
What does “privilege escalation” mean?
At it’s core, Privilege Escalation usually involves going from a lower permission account to a higher permission one. More technically, it’s the exploitation of a vulnerability, design flaw, or configuration oversight in an operating system or application to gain unauthorized access to resources that are usually restricted from the users.
linux privesc cheat sheet
Task 1 – Introduction
This task dont have any question, just click Question done.
Task 2 just explain what privilege escalation is, no answer needed.
linux privesc script
Start the machine and login with default credentials karem : Password1
Linux PrivEsc TryHackMe WriteUp
Answer the questions below
What is the hostname of the target system?
After login into execute the command:
hostname
And we can get the answer to the first question.
wade7363What is the Linux kernel version of the target system?
Execute Linux command to verify kernel version:
uname -aAnswer is:
3.13.0-24-genericWhat Linux is this?
cat /etc/issueUbuntu 14.04 LTSWhat version of the Python language is installed on the system?
Open the python prompt
pythonand invoke version function:
version()And we have our correct answer.
2.7.6What vulnerability seem to affect the kernel of the target system? (Enter a CVE number)
CVE-2015-RFS
What is the content of the flag1.txt file?
THM-2839287272RFS
Answer the questions below
How many programs can the user “karen” run on the target system with sudo rights?
3What is the content of the flag2.txt file?
THM-402028394How would you use Nmap to spawn a root shell if your user had sudo rights on nmap?
sudo nmap --interactiveWhat is the hash of frank’s password?
$6$2.sUUDsOLIpXKxcr$eImtgFExyr2ls4jsghdD3DHLHHP9X50Iv.jNmwo/BJpphrPRJWjelWEz2HH.joV14aDEwW1c3CahzB1uaqeLR1
Answer the questions below
Which user shares the name of a great comic book writer?
gerryconwayWhat is the password of user2?
Password1What is the content of the flag3.txt file?
THM-3847834
Answer the questions below
How many binaries have set capabilities?
6What other binary can be used through its capabilities?
viewWhat is the content of the flag4.txt file?
THM-9349843
Answer the questions below
How many cron jobs can you see on the target system?
4What is the content of the flag5.txt file?
THM-383000283What is Matt’s password?
123456
Answer the questions below
What is the odd folder you have write access for?
/home/murdochExploit the $PATH vulnerability to read the content of the flag6.txt file.
What is the content of the flag6.txt file?
THM-736628-RFS
Answer the questions below
How many mountable shares can you identify on the target system?
3How many shares have the “no_root_squash” option enabled?
3What is the content of the flag7.txt file?
THM-89384-RFSTask 12 Capstone Challenge
Answer the questions below
What is the content of the flag1.txt file?
THM-4282871992-RFSWhat is the content of the flag2.txt file?
THM-168824782-RFSlinux privesc tryhackme walkthrough , linux privesc github, task suid sgid executables abusing, linux privilege escalation, linux privesc checklist