Jarvis

Type your comment> @hoodedfigure said:

Type your comment> @Revolution said:

Type your comment> @hoodedfigure said:

Type your comment> @keithschm said:

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.

Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.

Previously mentioned by @Zot

Google: Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation

Seriously, I don’t know if I am stupid or something, but I cannot understand. The encapsulation technique is something that I found out by myself, without the need of this link, but other than that I can really do not understand how I am suppose to use this since there is not infoblox on the system.

i need hint in PM me

Type your comment> @Revolution said:

Type your comment> @hoodedfigure said:

Type your comment> @keithschm said:

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.

Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.

It’s hard to tell exactly what you’re doing given your comments, but if a program is exploitable and you run it as yourself and exploit it, you obviously won’t have accomplished much. OTOH, if you can find a suid program or find some other way to run a program which is exploitable as a user other than yourself, then you’d be onto something.

I’m getting the ban message even after a reset if it’s my first request on the box. Is this expected behavior?

Type your comment> @Conda said:

I’m getting the ban message even after a reset if it’s my first request on the box. Is this expected behavior?

You’re making one single request? Using something like curl?

Type your comment> @deviate said:

You’re making one single request? Using something like curl?

Yes one single curl request and on a VIP server. Curl request to the high port.

Type your comment> @Conda said:

Type your comment> @deviate said:

You’re making one single request? Using something like curl?

Yes one single curl request and on a VIP server. Curl request to the high port.

The high port only exists to serve that ban message. :stuck_out_tongue:

Type your comment> @deviate said:

Type your comment> @Conda said:

 Type your comment> @deviate said:

       You're making one single request? Using something like curl?





  Yes one single curl request and on a VIP server. Curl request to the high port.

The high port only exists to serve that ban message. :stuck_out_tongue:

Thank you. I feel like an idiot, it’s come full circle in my mind now haha.

In same situation as @hoodedfigure . I know how execute arbitrary commands in s***.py but I don’t know what to execute to get pe**** shell. Always getting d*** shell

Type your comment> @n0t said:

In same situation as @hoodedfigure . I know how execute arbitrary commands in s***.py but I don’t know what to execute to get pe**** shell. Always getting d*** shell

on a *nix system, what are the most common ways to run a program as another user?

@deviate Sudo and specifying user or su…But still it asks for data password or pepper one

Type your comment> @n0t said:

@deviate Sudo and specifying user or su…But still it asks for data password or pepper one

How can you list what commands you can run with sudo?

Thanks @deviate. I’m stupid, should’ve used the whole path and without py*** at the beginning

Have user & shell, if you need help PM me

Not got root yet though

Type your comment> @n0t said:

In same situation as @hoodedfigure . I know how execute arbitrary commands in s***.py but I don’t know what to execute to get pe**** shell. Always getting d*** shell

@n0t said:
In same situation as @hoodedfigure . I know how execute arbitrary commands in s***.py but I don’t know what to execute to get pe**** shell. Always getting d*** shell

Hi n0t,

I already got user. I was just suggesting it for others. If you need a hint send me a PM.

Regards, HF

please have mercy. please dont execute that beef. we can’t have a stable connection :frowning:

Type your comment> @hoodedfigure said:

Type your comment> @Revolution said:

Type your comment> @hoodedfigure said:

Type your comment> @keithschm said:

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.

Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.

Previously mentioned by @Zot

Google: Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation

God bless you @hoodedfigure

I have no idea what I am doing wrong at the privilege escalation. I always get a “Failed to link/enable unit” error…

Edit: thanks to @l0lxD I was finally able to get root. Do not blindly follow the tutorial. You won’t need every step.

@palaziv what tutorial?

@igaralf you will find it once you know which thing to exploit