[HackTheBox] Bashed
Oct 9, 2021
This is quite an elementary box to do on HTB.
Even before the nmap scans came back I saw this and had only one thing in my mind : “The Foothold is mine”
Dirbuster soon came up with these results and now basically i had a webshell.
ezpz
Priviledge Escalation:
This Is A two step process on this box, but none the less its really elementary.
Basically /bin/bash gave us lateral privEsc.
Now this was interesting.
Updated that script just in case :D
On a different note, I could use pspy to scout out when this gets executed if at all since this wasnt present in the /etc/crontab.
Now this was sad…
A few moments later I got a revShell. huh….
