@Fenrir said:
hi,
just got root, but without the ssh-tunnel hint i wouldn’t be able to do it.
so i wonder if there are any indications, that root is using the ssh-tunnel, or was it just guessing?
Feel free to pm me
Check the parameters of the service you used to get into root, one in particular will tell you exactly why you had to do what you did.
@n3tl0kr said:
So, user was flat enough…I do see something very interesting running on this box and i have a fairly good idea of the inner working using ****** over ***** tunnels but fcrackzip is going on a few hours and no dice for the secret.zip file. I thought maybe a bogus extension or something but to short to be a key? Any very gentle nudges?
If you have already identified an interesting process you might want to read its man page, you could find something useful in there 