CSbyGB - Pentips

CS By GB - PenTips
- Welcome to CSbyGB's Pentips
Networking, Protocols and Network pentest
- Basics
- DNS
- FTP
- HTTP & HTTPS
- IMAP
- IPMI
- MSSQL
- MYSQL
- NFS
- Oracle TNS
- POP3
- RDP
- RPC
- Rservices
- Rsync
- SMB
- SMTP
- SNMP
- SSH
- Winrm
- WMI
Ethical Hacking - General Methodology
External Pentest
- External Pentest
Web Pentesting
Mobile App Pentest
- Android
- IOS
Wireless Pentest
- Wireless pentest
Cloud Pentest
Thick Client Pentest
- Thick Client
Hardware Pentest
- ATM
- IoT
Secure Code Review
- Secure code review
- Java notes for Secure Code Review
AI Pentest
Checklist
Tools
VM and Labs
- General tips
- Setup your pentest lab
Linux
Windows
Programming
Binary Exploitation
OSINT
Pentester hardware toolbox
Post Exploitation
Reporting
- How to report your findings
Red Team
Writeups
Digital skills
Durable skills
- Durable skills wheel/Roue des compétences durables
Projects
- Projects
  - Technical Projects
  - General Projects
Talks
Resources
- A list of random resources

Powered by GitBook

On this page

TryHackMe - Sudo Security Bypass

PreviousTryHackMe - SQL Injection Lab NextTryHackMe - Tomghost

Last updated 2 years ago

Let's ssh to the machine ssh -p 2222 tryhackme@10.10.114.224 password is tryhackme
sudo -l sends back to us the requirement to exploit CVE-2019-14287
Following the example shown we could try to use this trick sudo -u#0 <command> and put /bin/bash as the command and it works!

Questions

What command are you allowed to run with sudo? Answer /bin/bash
What is the flag in /root/root.txt? I will let you answer this on your own you will need to cat /root/root.txt