Skip to content
This repository has been archived by the owner on Feb 10, 2022. It is now read-only.

Latest commit

 

History

History
20 lines (14 loc) · 3.03 KB

README.md

File metadata and controls

20 lines (14 loc) · 3.03 KB

42-Boot2Root

This project is a small information security challenge. The goal is to exploit whatever is on the machine to become root. The only rule is not to bruteforce password.

We're given a vulnerable ISO on which several program are running. Using known vulnerabilities and reverse engineering we can access ressources that aren't meant to be and make our way through different services.

Breakdown

Writeup Ressources Exploits
1 nmap | dirb | sshd configuration | file | ftp | Hopper | gdb | Bitwise operations | turtle | md5sum | EIP register | ESP register | ASLR | Endianness Webshell upload | Buffer overflow | ret2libc attack
2 syslinux | file | init Init override in recovery mode
3 mount | casper | squashfs files | unsquashfs Dig through squashfs file
4 Shell-storm | NOP instruction Shellcode injection | NOPSlide
5 httpd | ExploitDB suEXEC information disclosure
6 ExploitDB Race condition | Dirty cow

Credits

Made in collaboration with @thervieu.