Type your comment> @HackSh00t said:
Type your comment> @lemarkus said:
Type your comment> @HackSh00t said: I've a TTY shell, I enumerated all I could an I tried multiple priv esc kernel exploits that didn't work. I'm in the w**-***a user. I will apreciate some hints. No need for kernel exploits. The priv esc sticks out in your basic enumeration, so you have to look a bit closer. Took me 5 Minutes and I am not the best hacker, just ran my basic stuff, something sticks really out because it should not be there. Also to everyone doing the box: Don't mess with the index.php, that is the laziest way to get your RCE, and in the field would put you into a lot of trouble. Also it is not fun for the people who are here to learn a thing or two, so maybe if you are messing around the next time, think a few steps ahead.Ty for the hint. I know where I can use the s*** command, the problem is that it’s asking me for the w**-***a passwrd. I’ve tried multiple args ans stuff but nothing worked
s*** command is the way with a right path 