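lin.security VM Walkthrough
Preface
This VM is simple; what it tests is account privilege escalation.
A reminder to myself: [Pay attention to the VM description! Pay attention to the VM description!]
VM download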
lin.security_v1.0.ova (Size: 1.6 GB)
Download: https://in.security/downloads/lin.security_v1.0.ova
Download (Mirror): https://download.vulnhub.com/linsecurity/lin.security_v1.0.ova
Download (Torrent): https://download.vulnhub.com/linsecurity/lin.security_v1.0.ova.torrent (Magnet)
VM description
Here at in.security we wanted to develop a Linux virtual machine that is based, at the time of writing, on an up-to-date Ubuntu distro (18.04 LTS), but suffers from a number of vulnerabilities that allow a user to escalate to root on the box. This has been designed to help understand how certain built-in applications and services, if misconfigured, may be abused by an attacker.
We have configured the box to simulate real-world vulnerabilities (albeit on a single host) which will help you to perfect your local privilege escalation skills, techniques and toolsets. There are a number of challenges which range from fairly easy to intermediate level and we’re excited to see the methods you use to solve them!
The image is just under 1.7 GB and can be downloaded using the link above. On opening the OVA file a VM named lin.security will be imported and configured with a NAT adapter, but this can be changed to bridged via the preferences of your preferred virtualisation platform.
To get started you can log onto the host with the credentials: bob/secret
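Walkthrough
Target address: 192.168.10.5
Attacker address: 192.168.10.4
- First, run host discovery to confirm that the target IP is 192.168.10.5, then scan it with nmap: nmap -A -p- -v 192.168.10.5
- The scan shows that the target has port 22 open. Try logging in with the credentials given in the VM description, bob/secret. The login succeeds.
- cd to /tmp/ and run sudo -l to list the commands the current user may run through sudo; /bin/bash, /bin/ash and others are all allowed.
- Running sudo /bin/bash then gives root privileges directly.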
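An added example, not part of the original walkthrough: a defensive check for the misconfiguration found above. The shell function reads `sudo -l` output and flags rules that grant a shell interpreter or ALL. The sample output, the host name `target` and the `/usr/bin/lsof` and `service` entries are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit `sudo -l` output for rules that hand out a root shell.
# Only shell interpreters and the ALL keyword are checked here; other
# binaries allowed through sudo need their own review.

flag_sudo_shells() {
    # Reads `sudo -l` (or `sudo -l -U user`) output on stdin and prints
    # one "RISK: <command>" line per rule entry that is a shell or ALL.
    awk '
        # Rule lines look like: "    (runas) [TAG:] cmd1, cmd2, ..."
        /^[ \t]*\(/ {
            line = $0
            sub(/^[ \t]*\([^)]*\)[ \t]*/, "", line)   # drop the (runas) part
            gsub(/[A-Z_]+:[ \t]*/, "", line)          # drop tags such as NOPASSWD:
            n = split(line, cmds, /,[ \t]*/)
            for (i = 1; i <= n; i++) {
                split(cmds[i], words, " ")            # words[1] is the command path
                path = words[1]
                base = path
                sub(/.*\//, "", base)                 # basename of the command
                if (path == "ALL" || base ~ /^(sh|bash|ash|dash|zsh|ksh|csh|tcsh|fish)$/)
                    print "RISK: " path
            }
        }
    '
}

# Constructed sample in the layout `sudo -l` prints; not captured from the VM.
sample_output() {
    cat <<'EOF'
User bob may run the following commands on target:
    (ALL) /bin/ash, /usr/bin/lsof, /bin/bash
    (root) NOPASSWD: /usr/sbin/service ssh status
EOF
}

# Demo run on the constructed sample.
sample_output | flag_sudo_shells
```

On a real host, pipe the output in instead: `sudo -l | flag_sudo_shells`. Any hit means the sudoers rule should be removed or narrowed to the specific command the account actually needs.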