Hi everyone,
Currently using the pwnbox on ‘Shells&Payloads’ module. Trying to simply run the netcat command
sudo nc -lvnp 443
as part of the ‘Reverse Shell’ module, I get asked for a the sudo password. Result of sudo -l:
(ALL) NOPASSWD: ALL
Have I missed something please (eg is there a student password for the attack box?)?
Hey! If I am reading this correctly you are looking for the root password on the pwnbox right?
Check the Desktop or Desktop folder. There should be a my_credentials file.
-onthesauce
But on second though you shouldn’t need sudo to run netcat.
Brilliant, thank you! Now able to proceed.
In this case netcat needs the root access rights.
nc -l 443 starts the netcat listen to port 443. Binding to a TCP less than 1024 is limited to root. This netcat call needs sudo (or calling in a shell of the root).
E. g. the call nc -l 1337 is possible for “normal” users. A bind to TCP port 1024 and above is possible without root access rights.
Ahhh, that’s a handy bit of info to keep in mind. I can’t remember the last time I used netcat with a port under 1024.
Thank you for the correction!
-onthesauce