Post Exploitation

Now that we have a reverse shell,

sudo -l 

We can look at our current privleges by looking at the sudo -l command.

Looks like we can run monitor.sh as root

personal directory and monitor.sh file do not exist

Since the directory personal and the file do not exist I created them. The monitor.sh script contains the following and turned it into an executable with chmod +x command.

Reverse connection to my machine.

After setting up a listener on my machine and running the monitor.sh script, we get a connection with root!