KIBA WriteUp Tryhackme
TASK 1: Flags
#1 — What is the vulnerability that is specific to programming languages with prototype-based inheritance?
Answer: google it so some research and you’ll find the answer.
#2 — What is the version of visualization dashboard installed in the server?
#3 — What is the CVE number for this vulnerability? This will be in the format: CVE-0000–0000
Answer: I gave the hint now find the answer.
#4 — Compromise the machine and locate user.txt
Also git clone the payload by clicking here
Start a listener(nc -nvlp 4444) and run the exploit:
Now we have the shell:
#5 — Capabilities is a concept that provides a security system that allows “divide” root privileges into different values
answer: No answer required
#6 — How would you recursively list all of these capabilities?
Answer: gtcap -r /
#7 — Escalate privileges and obtain root.txt
While checking the capabilities it reveals a custom pythom3 installation in /home/kiba/.hackmeplease/ :
Checking on GTFOBins what we can do with
python related to capabilities reveals that we can escalate our privileges to root:
Submit the flags.