Just uploaded my write-up of Flujab to my website, hope you enjoy it
Awesome write up.
Very competent approach for data acquisition from SQL.
I just guessed the name of table and fuzzed the columns.
And I even could not dream to write such smart python script to read all the files available in all the users home folder.
Just noticed the timestamp and walked directly to drno home folder.
Could you please comment this:
To escape, just add -t “bash” when running ssh.
I just typed /bin/bash in ssh session after realized that we got rbash.
Is there any difference how to move to bash?
And Thank you for beautiful design of your write-up.
Thank you very much for your feedback @tabacci
I also walked directly to drno home folder, but since we had a thousand users I wanted to check if there was something in their folders, didn’t help much since all of them were empty.
And yeah, the -t “bash” in ssh does the same thing as executing bash once you’re inside. In some configurations you’re not allowed to type bash or /bin/bash inside and the only way is using -t, but here both ways work to escape the restricted shell.