An excellent box with a pretty novel idea for SQL injection: Text-to-Speech and Speech Recognition.
wow that’s a really cool way of doing it
Also a quick question about the way you got root.
I see you attached a debugger to the java program, but does that allow you to actually insert/modify code on the fly? If not I’m not sure I understand how you got your reverse shell to be triggered
Yes. that’s the feasibility of JDWP port
very good machine, i love the idea to spell the instructions hehe: D, but the real challenge is debug java
Why did “sudo -u#-1 vi” not work on the machine? Version 1.8.21p2-3ubuntu1.1 should be vulnerable.
Take it as another challenge and figure it out
I see it is a patched version by Ubuntu: USN-4154-1: Sudo vulnerability | Ubuntu security notices | Ubuntu And yes I have to look deeper next time…