Dynstr Write-up by evyatar9

Read my writeup for dynstr machine on:


User: Founding RCE on no-ip.com API, Get shell as www-data user, From www-data we found SSH private key on /home/bindmgr directory inside strace-C62796521.txt file.

Root: By running sudo -l we found we can run the following script as a root /usr/local/bin/bindmgr.sh, The script copies file as a root, By creating ln to /root/root.txt we can read the root flag.