in this module im unable to escape the shell.only command working is pwd and all other commands are disabled.
tried to change path variable but got restricted
tried different operators like `` | ;with different commands but non of them are working
any hints would be appreciated
If you just want to read the flag.txt file then using the aforementioned technique with echo is enough, if you really want to escape the restricted shell then try starting a remote shell with an unrestricted profile
This is the major problem I have with some of these modules. This particular technique is not mentioned in the tutorial…why? Why do I have to go off and search on google for the exact information I am paying to get on the HTB learning material???
seeing that there’s a bin folder in the home, type bin/ and a couple of tabs to see what’s in there. there’s only man
try to execute a few things by passing man as an argument, including the flag.txt. it doesn’t work but i get an error message that there's no entry for blah blah blah.
pass the content of flag.txt to man through command substitution with man < flag.txt`
read the error message from man that contains the flag. read, like, from the screen lol
first use pwd to know where u r, then use compgen -c to print a list of the commands that the bash allow u to use, if you see something like “print” then you have the 80% of the problem solved. =D