OpenSSL privesc
#This privesc presupposes a low level ssh connection with the ability to edit /etc/passwd
1]From attacking machine create a unique ssl string for a new user: redcliff
2]From target
3] Paste the hashed password for new user at the bottom.
redcliff:$1$recliff$NuDUpbLxJXpyH5FN4yqix/:0:0:/root/root:/bin/bash
Parts highlighted in red need to be added separately.
4]Save file and exit, then switch to new user
Last updated