📗
OSCP Prep
  • OSCP Preperation
  • Hack the Box Linux
    • Bashed
    • Nibbles
    • Sense
    • Conceal
    • La Casa de Papel
    • Lightweight
    • Jerry
      • Scanning and Enumeration
    • Jarvis
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lesson's Learned
    • TartarSauce
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Poison
      • Turning LFI into RFI
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Node(Comeback to)
      • Scanning and Enumeration
      • Exploitation
    • SolidState
      • Scanning and Enumeration
      • Exploitation and POSTY
      • Lessons Learned
    • Nineveh
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons learned
    • Cronos
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • SwagShop
      • Scanning and Enumeration
      • Exploitation
      • Lessons Learned
    • Networked
      • Exploitation
    • FriendZoned
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons learned
    • Sunday
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Valentine
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Irked
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Kotarak
    • Nibbles
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
  • Hack the Box Windows
    • Bounty
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
    • Blue
      • Scanning and Enumeration
      • Lessons Learned
    • Granny
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Grandpa
      • Scanning and Enumeration
      • Exploitation
      • Lessons Learned
    • Arctic
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Optimum
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
      • Lessons Learned
    • Devel
      • Scanning and Enumeration
      • Exploitation
      • Post Exploitation
    • Legacy (comeback to )
      • Scanning and Enumeration
      • Exploitation
  • Slick Tricks
    • Banned by Bruteforce? Try this!
    • Hydra for Web Logins
    • Grepping
    • Redirecting all Script Traffic to Burp
    • Word Count
    • Reverse Shell Tricks
    • Transfering files
  • Nmap Help
  • Linux Guide
    • Linux Shortcuts
  • Privelege Escalation
    • Linux Privilege Escalation
Powered by GitBook
On this page
  • Checking for commands we can run as root
  • Identifying Hash
  • Privilege Escalation

Was this helpful?

  1. Hack the Box Linux
  2. Sunday

Post Exploitation

PreviousExploitationNextLessons Learned

Last updated 4 years ago

Was this helpful?

Checking for commands we can run as root

Identifying Hash

sudo john --wordlist=/usr/share/wordlist/rockyou.txt sammyhash.txt
cooldude!

Privilege Escalation

First we create a bash file

On the Sammy Computer we can use wget as root and out put the contents of a file to somewhere else on the system.

Running the /root/troll command after being overwritten

found shadow.backup file with sammy hash
Identified SHA-256 hash
writing the contents of the bash file to the /root/troll command we can run in sunny user