Please don't leave root.txt extracted to ownership of lower privileged user after privesc

edited August 2018 in Machines

thanks :P

Comments

  • What do you mean? Each machine has root.txt, it's proof you got the root/system account. They also have user.txt to prove you got user access.

  • Maybe they mean delete root.txt ?

  • edited August 2018

    I mean if you extract root.txt to another user with lower privileges, please don't leave it there when your done :) Or zip files, or scripts, etc. Would be nice if people deleted all that stuff when they're done. Would also be nice if people restore wepapp settings to default if they changed something - otherwise it allows people to get code/command execution without knowing the proper settings.

  • Year right Snooby. Make sure to do house cleaning all of your exploit, scripts etc.

    Hack The Box

  • Be kind, please rewind! :-)

    Hack The Box

  • Ah, I see. Sounds like some chown activity, I haven't seen that yet. The only way to fix it is to re-chown it as root or do a reset...which I doubt the person(s) responsible would do :anguished: It sounds like they just want root.txt output, and not get a shell...bah.

Sign In to comment.