Took me forever to escalate privileges . Even tried creating an encrypted password for root lol. Thank you, even following this I couldn’t figure out where my error was but finally got it !
Hey man when I do all the script part to escalate to root I get this error "Sorry, user mtz is not allowed to execute 'usr/bin/su' as root on permx." I've gotten this error no matter the right up that I've reffered to and it happens when I put the password for "sudo su" Great work and tutorial !
What I did was to create a symbolic link using the following command (ln -s /etc/sudoers /home/mtz/sudoers). You will need to create a symbolic link to the /etc/sudoers file and assign it the new location /home/mtz/sudoers. This command is using the ln command with the option -s which stands for symbolic link. The resulting link can be used to access the original sudoers file, allowing the user to easily modify or backups the original file without affecting the actual file located in /etc/.
I also used the command sudo /opt/acl.sh mtz rw /home/mtz/tada to set Access Control List (ACL) permissions for the "tada" directory located at /home/mtz/tada for the user mtz. The sudo command is then used to run the script with superuser privileges. The /opt/acl.sh is a script that modifies the ACL settings. The rw option specifies that the user mtz should have read and write access to the directory. This command is useful for managing permissions and access control in Linux systems. I would recommend you check up this Linux command and read more on privilege escalation. I know it looks like magic or a little difficult but I promise you, when you master it, it's very easy. I am glad you found the video helpful. Keep watching and thank you.
It was at first difficult finding it. I spent several weeks looking for how to get the root flag (root.txt) Explaining it within a short amount of time is only to make it simpler for whoever finds it difficult.
I followed your video till I got the user.txt but getting the root.txt, I guess you were doing a lot that wasn't necessary I had to use a simpler method to get the root.txt. Well I guess everyone has their methods. Great video
Thank you for your feedback. There are a lot of ways in solving the machines, I guess everyone has their own different methods. I use the method I deemed fit and easier for me.
@@weamderbieh8900 Which part of the video is confusing so that i can provide another video? You can read my writeup on Medium at medium.com/p/1ddc365955f9
Took me forever to escalate privileges . Even tried creating an encrypted password for root lol. Thank you, even following this I couldn’t figure out where my error was but finally got it !
I am happy you found a way around it. Subscribe for more videos and don't forget to share. Thank you 👍
thx
Hey man can you check if crm is still showing using fuff,i think they changed the box or something,will be very helpful for me 🙏🏻🙏🏻🙏🏻
It's still working. I tried it today and it worked!
Hey man when I do all the script part to escalate to root I get this error "Sorry, user mtz is not allowed to execute 'usr/bin/su' as root on permx." I've gotten this error no matter the right up that I've reffered to and it happens when I put the password for "sudo su"
Great work and tutorial !
What I did was to create a symbolic link using the following command (ln -s /etc/sudoers /home/mtz/sudoers). You will need to create a symbolic link to the /etc/sudoers file and assign it the new location /home/mtz/sudoers. This command is using the ln command with the option -s which stands for symbolic link. The resulting link can be used to access the original sudoers file, allowing the user to easily modify or backups the original file without affecting the actual file located in /etc/.
I also used the command sudo /opt/acl.sh mtz rw /home/mtz/tada to set Access Control List (ACL) permissions for the "tada" directory located at /home/mtz/tada for the user mtz. The sudo command is then used to run the script with superuser privileges. The /opt/acl.sh is a script that modifies the ACL settings. The rw option specifies that the user mtz should have read and write access to the directory. This command is useful for managing permissions and access control in Linux systems.
I would recommend you check up this Linux command and read more on privilege escalation. I know it looks like magic or a little difficult but I promise you, when you master it, it's very easy. I am glad you found the video helpful. Keep watching and thank you.
how you know where to find the passwrd or it's common to find it there
It was at first difficult finding it. I spent several weeks looking for how to get the root flag (root.txt)
Explaining it within a short amount of time is only to make it simpler for whoever finds it difficult.
I followed your video till I got the user.txt but getting the root.txt, I guess you were doing a lot that wasn't necessary I had to use a simpler method to get the root.txt. Well I guess everyone has their methods.
Great video
Thank you for your feedback. There are a lot of ways in solving the machines, I guess everyone has their own different methods. I use the method I deemed fit and easier for me.
Hello can u please share with me ur method
because i found that in this video at the level of root was confusing
@@weamderbieh8900 Which part of the video is confusing so that i can provide another video?
You can read my writeup on Medium at medium.com/p/1ddc365955f9
@@weamderbieh8900 Kindly read my writeup here: medium.com/p/1ddc365955f9
why did you choose the username MTZ for ssh ?
I found mtz user after getting the reverse shell
You can change the directory by using cd .. until you are in the root folder, then cd the directory to usr, there you will find mtz