Forum Discussion

Bronze II

4 months ago

help with A Christmas Catastrophe: A Letter to Santa

I am in the scalation privileges part. Tried to create a symlink to /root/root.txt and to /root in /etc/letters/ waiting cron /etc/chmod.sh takes ownership with chmod 666 instruction and then extr...

Advocate

3 months ago

When we did the lab, although we had to do some web-fu to get the initial foothold, once we were on the box (with meterpreter), we found a local vulnerability that could be popped to priv esc up to root and grab the token. We didn't do anything clever with the cron stuff. I have no idea if this is how they intended you to do the lab, or if we missed something clever.

One minor headache though - sometimes metasploit's local_exploit_suggester script reported that the vuln was there, sometimes it did not.

Good luck! :-)

Forum Discussion

help with A Christmas Catastrophe: A Letter to Santa

Featured Places

Community Forum

Related Content

I'm stucked in "A Christmas Catastrophe: Let It Snow".

A Letter to Santa

Christmas Tree-Son🎄Virtual Crisis Simulation

🎄 Christmas Crisis Sim Showdown! Vote for Your Favourite! 🎄

Microsoft Sentinel Deployment & Log Ingestion: Ingesting Platform Logs via Diagnostic Settings

Recent Discussions

Autopsy: Demonstrate Your Skills

SuperSonic: Ep.7 – LIFTON

CVE-2022-33891 (Apache Spark) – Defensive Question 8

File Inclusion Vulnerabilities Lab (Purple Belt)

CVE-2020-11651 (SaltStack RCE) – Defensive