Exploiting SUDO Users
First thing first
To Exploiting sudo user u need to find which command u have to allow.
Escalate Privilege to root user using command:
Find
Vim
Nmap
Man
Less/More
awk
nano
Add this line in /etc/passwd to order to add the user as root privilege.
Edit the entry for user user
to have access to all commands as sudo without a password:
wget
Copy Target’s /etc/passwd file to attacker machine
modify file and add a user in passwd file which is saved in the previous step to the attacker machine.
append this line only => ayed:$6$bxwJfzor$MUhUWO0MUgdkWfPPEydqgZpm.YtPMI/gaM4lVqhP21LFNWmSJ821kvJnIyoODYtBh.SF9aR7ciQBRCcw5bgjX0:0:0:root:/root:/bin/bash
host that passwd file to using any web server.
Note: if u want to dump file from a server like a root’s ssh key, Shadow file etc.
apache
Last updated