Theme Layout

Boxed or Wide or Framed

Wide

Theme Translation

Display Featured Slider

Featured Slider Styles

Display Grid Slider

yes

Grid Slider Styles

Display Trending Posts

Display Author Bio

Display Instagram Footer

off

Dark or Light Style

Light
Powered by Blogger.
Navigation Menu

All rights reserved
komorebi 2016

Thursday, January 26, 2017

[Hacker School] FTZ Level1. ( Ver. Eng )

11:07:00 AM
to Read (
Words)


Level1.



After connecting to the FTZ server using the Mac terminal, Let's check the hint of level1 as follows.

For solving the problem, we find and run a file with setuid permission on level2 permission. So we use the find command as follows.


Setuid is set up with at least 4000 permissions and the owner is level2. so I wrote the above command and tried to execute it.


/bin/ExecuteMe can be found. when using the ls -al command, we can see that it matches the condition of the problem. Now run this file and we should see something like this:


The program executed the command using the level2. but we can not execute the my-pass command that knowing the password about level2 account.
So, we enter the shell execution command to retain the privileges of level2. and then, enter the my-pass command.






QuickEdit
Unknown
0 Comments
Share This Post :

You Might Also Like

Wargame

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Follow @SunriseSunsetBlog