Linux Local Privilege Escalation - Skills Assessment

I am on flag5. I moved to third user with a shell from external service where it is not upgraded. So, errors reported by shell are missing. Exist any way to fix this. I guess I am inside a restricted “universe” due my filesystem is different than other users. Any hint is welcome! thanks

There are some shell upgrades to get a usable bash shell, have a look at different methods…

Done. Thank you

I could need help as well. I found flag 4 and upgraded my Shell to a fully interactive shell. I also checked commands I can execute with sudo without password and tried to exploit the command. Is this the right way? I did not really find useful hints from the internet.

Thanks so much for the help @chappyroo . This is essential for step 5 - some of these tasks are awful!

1 Like

Hey I got some problems to find where Flag4, I managed to log into the /manager page, but I can’t find the credentials for the user t****t and got no ideas where to go from where on

I’m having trouble getting a reverse shell for flag5. I have the Tomcat username and password, I have tried it with several metasploit methods and nothing, the only thing I have managed is to create a web shell by uploading a file to the tomcat page and from there I got the flag4, but I can’t find the way to get a reverse shell. Any ideas?

Just grabbed the last flag. Upgrading the shell is necessary for the last flag, I used a static solution mentioned in the previous link. Happy to help others if desired.

Hey, I have been stuck in getting the second flag. Any hints are appreciated!

check other users!
Some of them have some files that you might be able to see!

If you were able to get flag4
use that shell to upgrade to an interactive shell as others mentioned. Or use “Meterpreter”, and look for other local exploits provided by “msf”.

Hey guys a little help please. I see the the flag1.txt in the history of htb-student. But it is actually not present. please help

I really can’t find the second flag no matter what I try.

Perhaps check for what is less visible ?

1 Like

for to get flag 5 you can use LES (Linux Exploit Suggester). I know it’s a hint, so don’t hate me. Try every vulnerability that the script will offer you.

any clue, please. i am totally stuck on flag5

Hello

did you get the flag
if yes , can you give me a hint ?

thank you

Has someone used the logrotten exploit in this module? I am having lot of trouble executing the payload and I dont know what am I doing wrong

I think you follow a rabbit hole here.

Can anyone write to me privately please. I have a question about the optional task and would like to understand it. I have all 5 flags, for info.