listening on [any] 4444 …
connect to [10.10.15.34] from onetwoseven [10.10.10.133] 54286
root@onetwoseven:/# whoami
whoami
root
root@onetwoseven:/# cat /root/root.txt
Can’t believe I did it. As a piece of advice on root, you might pinhole yourself into thinking it could be an input validation exploit and even going as far as to follow a certain guide on how to do it. Instead, think about how the box is configured and how you can work that configuration to your advantage. Is there any way to fool the machine into thinking you’re something it looks to as a source of information?