Type your comment> @HackSh00t said:
I’ve a TTY shell, I enumerated all I could an I tried multiple priv esc kernel exploits that didn’t work. I’m in the w**-***a user. I will apreciate some hints.
No need for kernel exploits. The priv esc sticks out in your basic enumeration, so you have to look a bit closer. Took me 5 Minutes and I am not the best hacker, just ran my basic stuff, something sticks really out because it should not be there.
Also to everyone doing the box: Don’t mess with the index.php, that is the laziest way to get your RCE, and in the field would put you into a lot of trouble. Also it is not fun for the people who are here to learn a thing or two, so maybe if you are messing around the next time, think a few steps ahead.