RootMe
文章目录
Task1 Deploy the machine
Deploy the machine
Task2 Reconnaissance
1.Scan the machine, how many ports are open?
2
2.What version of Apache is running?
2.4.29
3.What service is running on port 22?
ssh
4.Find directories on the web server using the GoBuster tool.
5.What is the hidden directory?
/panel/
Task3 Getting a shell
在http://IP/panel页面上传后缀为php5的文件绕过限制,反弹shell成功
user.txt
THM{y0u_g0t_a_sh3ll}
Task4 Privilege escalation
1.Search for files with SUID permission, which file is weird?
/usr/bin/python
find / -user root -perm /4000
2.Find a form to escalate your privileges.
3.root.txt
THM{pr1v1l3g3_3sc4l4t10n}
-1632389193904)]
3.root.txt
THM{pr1v1l3g3_3sc4l4t10n}