Collaborate Disseminate
There is one SetUID program in C that passes command-line arguments to open system call as open(argv[1], O_RDONLY);
Can this be exploited for privilege escalation? If yes with which command line?
To make privilege escalation on a machine where I got a meterpreter session, I can do it if the user who executed the payload on the victim’s machine is on the administrator’s group.
When I run the exploit (exploit/windows/local/bypassuac)… Continue reading Elevate privileges on Windows where I have a meterpreter session with a user who is not part of the administrators group [closed]
I am working on a "Hack me" challenge, I have access to apache account in the server, I tried to get root access, I run linpeas.sh script and linpeas didn’t find anything special, however, there is a file /etc/profile.d/modules.c… Continue reading Privilege escalation using symlink [closed]
News article:
Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways t… Continue reading Malware Hidden in Call of Duty Cheating Software
“Where necessity speaks, it demands”. This old saying seems particularly apt right now with the pandemic forcing organizations to completely change the way they think about their IT networks. That rapid shift to remote work has resulted in a …
The post… Continue reading Azure security 101: Security essentials, logs, authentication, and more
PrintSpoofer uses named pipe impersonation to elevate on Windows 10 to SYSTEM from a user with SeImpersonatePrivilege (Local Service, Network Service, Administrator etc.). The compiled version is detected by Windows Defender, therefore it … Continue reading How to run PrintSpoofer in memory from powershell?
I got a missing library on a binary:
user@box:~$ ldd /usr/bin/binary
linux-vdso.so.1 (0x00007ffe765d5000)
somelib.so => not found
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8cc9d51000)
/lib… Continue reading Missing library privilege escalation
When the ShinyHunters hacking group started hawking the personal data of millions of people on the Dark0de market early last month, it was notable because of the sheer number of records in play – and because of who was hacked. In addition to informati… Continue reading New Details on Astoria Company Hack Emerge
I am working on a CTF challenge (FOR EDUCATIONAL PURPOSES)
The sudo version is 1.8.23 and sever is Centos 7
The free -h output is:
total used free shared buff/cache available
Mem: 94G … Continue reading Privilege escalation using sudo and ASLR bruteforce
Consider the following Linux system:
root account is disabled (passwd -l root, passwd -d root),
there is an account ‘admin’, with sudo rights,
there is an account ‘webservice’, with limited privileges, and no sudo rights,
su is disabled v… Continue reading Prevent a remote privilege escalation when the root/admin password is known