new to this and this is the first box iv’e tried. Got user pretty easy but stuck on what i feel is the very last step in privesc…
got the user in a full shell
I’m running the .sh file but cant figure out how to ‘step in’ as its executing to grab the root user. i tried passing it to bash “./XXXXXXX.sh bash” bit i get “TERM environment variable not set.”. though maybe write a new file to replace the existing one with a exploit but dont have write permissions in vi. though maybe i can pass the executing script to another shell but i have no idea how…
really ran out of ideas now so any help is massively appreciated! loving it so far though!