Jump to content

Search the Community

Showing results for tags 'privelege'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 1 result

  1. Howdy Hak5 folks.. Well, I'm expected some "try harders" and other such encouragement :)..I'm at the very tail end of the CPT exam. If anyone is unsure of it, first part is multi-choice (aced it!) ..second is compromising two VM's..got first in minutes happy to say..the second one......here is where I'm losing my hair very quickly. The objective is root password on both vm;s...this second one is where I seem to be hitting a dead end, and this is the first reaching out for help attempt. Basically, from what I can gather, this particular vm needs to be compromised via a local exploit be it privy escalation, shellcode yadda yadda..I have tried (I think) most methods that I can figure out (at my level at least) and just getting killed with each attempt. Not looking for someone to spell it out for me, after all I've been at this VM for 2 weeks now before asking for some guidance. So I'm happy to start a dialogue with anyone interested to help. I'll spill some of the VM details here and if someone is kind enough to brainstorm with me, it would be much appreciated. Cheers VM Info: Red Hat Linux 9 (Shrike) Kernel 2.4.20-8 i686 athlon i386 (bear in mind this is on a VMWare Workstation, host is AMD chip fyi) gcc 3.2.2 2 non-root accounts have been acquired, no sudo privileges, long story short, these accounts can't do squat The accounts allow direct (local) access on the vm, or via ssh etc. from attack VM Tried out about 12 known exploits (mainly exploit-db et.al) for OS version and kernel The discovered services have some minor-medium level vulnerabilities, but none from what I can tell help to getting to root/shadow file. FYI, for the exploits tried, (I'm a sooper noob with shellcode, but learning fast and taking ANOTHER course fml) some backfired entirely, some compiled but failed to run, some compiled ran but seg-faulted etc etc, so they may work and I'm just inexperienced at compiling or altering them appropriately I've done some local enumeration of possible config, suid etc etc flaws but cant really determine an approach Think that about does it for a 'where I'm at'...like I said, I actually dont really want the "Here's how.." but some discussion or tips would really be appreciated. Just kinda fried and probably overthinking but having trouble getting focused and feel kinda burnt as far as ideas go.
  • Create New...