ellingson write-up by epi

epi · October 19, 2019, 3:04pm

My write-up of ellingson; A nostalgic (and awesome) box from Ic3M4n, aka @BenGrewell where we exploit a misconfigured Flask site, find some creds laying around, and then perform a Ret2libc attack on a SUID bit binary to get root.

Feel free to hit me up with any questions/comments. Thanks!

z3r0pwn3r · October 21, 2019, 4:31pm

I don’t understand why we are giving the setuid(0) .
For ‘0’ it represents root user i knew it.
But this binary why we are giving setuid() please answer me dude.
I don’t understand.