Collaborate Disseminate
For Example
Is it safer to do:
$ sudo [cmd] [args] [enter user password]
or
$ su – [enter root password]
# [cmd] [args]
I always assumed they are the exact same thing, because sudo utilizes setuid-root, so the process that is … Continue reading Does sudo ever de-escalate privilege while the program/command/service is running?
I have a cronjob that runs a backup script every minutes
As you can see, this script is vulnerable a TAR Command Injection because it accepts * (wildcard) as input
I add a 2 files called “checkpoint..” (parameter) for the TAR command… Continue reading Privilege Escalation – WildCard Injection doesn’t work [closed]
What’s a great way to escalate privileges when you have a meterpreter session on a Linux system? The exploits I use to try to escalate privileges don’t work and when I use the upload command to try to upload a msfvenom payload I get the er… Continue reading What’s a great way to escalate privileges on a Linux server? [closed]
I’m new and still learning about information security, currently I am on a mission to answer all of the questions from Seasoned cyber security profesionals on facebook, and I got stuck on the question above I asked. I googled it but I’m no… Continue reading During a pentest you gained unprivileged Windows credentials, how can you escalate your privileged?
Say I have gained RCE on a server which has a firewall blocking all egress traffic:
Linux cmweb6 4.15.0-1040-azure #44-Ubuntu SMP Thu Feb 21 14:24:01 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
But I am unable to write to any directory on t… Continue reading Bypassing non-writeable permissions on Ubuntu server
during a CTF I encountered the following anomaly regarding PS & cmd.exe:
I got access to a Windows x86 server through WinRM Port 5985 using evil-winrm. (https://github.com/Hackplayers/evil-winrm) This spawns a PS shell.
Via the PS sh… Continue reading Powershell (WinRM) and cmd.exe: reg query output deviation
Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative (‘root’) privileges on… Continue reading Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root
The flaw, in Intel VTune Profiler, could enable privilege escalation. Continue reading Intel Fixes High-Severity Flaw in Performance Analysis Tool
Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store—you have been hacked and being tracked.
These newly detected malicious Androi… Continue reading 3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group
Scenario:
A web application vulnerable to SQLi (webserver Linux 2.6.24-16-server- back-end DBMS mysql). Using sqlmap I was able to get a meterpreter shell. Using post linux/gather/enum_system module I got the following detail… Continue reading SUID executables are they exploitable? [closed]