Home avatar

remoteshell.zip

HTB: PermX

PermX is an easy Linux box, which is running a vulnerable version of Chamilio CMS which leads to a initial shell. Running linpeas reveals a password, which seems to be the password of the user mtz. Mtz has sudo permissions to run a custom bash binary, which can be exploited by making a symlink of /etc/sudoers and giving ourself ALL permissions to get root access.

IMF

IMF is a boot2root mcahine that contains many flags. After each flag, the difficulty is increased. This machine starts with web and ends with a buffer overflow.