Linux Privilege Escalation > Sudo

I’ve transferred Baron Samedit to the target, but can’t use the make command there. Making locally, transferring and running on the remote doesn’t work. Wrong libraries.

I have root access to ncdu but I can’t find a way to exploit that.

Anyone know how to solve this one?

EDIT: So I went the long way around, created an Ubuntu focal container, made the sudo-hax-me-a-sandwich from there. Uploaded it to the box and was now able to run it, but after “praying for a rootshell” I get the error “Sorry, user htb-student is not allowed to execute ‘sudoedit AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA’ as root on ubuntu.”

1 Like

Got it. Found that there really is a way to use that second method after all.

Took a while to find the ‘b’ option in that one app from sudo -l ;)

4 Likes

I did sudo -l and I found ncdu. Is there any way to exploit it? Thanks

1 Like

The second method, Rrrgang is saying.
Keep in mind your ncdu command is not proper ncdu.
Try to check the path.
which ncdu

1 Like

For anyone stuck at this point, following the material provided gets you most of the way there, with the difference being visible sudo privileges.

**ALL=(ALL) /usr/bin/id vs. (ALL, !root) /bin/ncdu**

You must find how to use **/bin/ncdu**

The material provides you with enough information to complete the exercise. If you need any help, just reply to me here.

I’m working on the Polkit page after Sudo. I’ve tried to run the exploit from 2 different sources. I am able to make the exploit on my local machine and scp it over to the target just fine. When I run the exploit, I am stuck at: ./cve-2021-4034: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.34' not found (required by ./cve-2021-4034). Any advice?

Update: I figured it out. You need to find a Python version of the script that is not dependent on libc.