Official Bookworm Discussion

Quite an interesting approach. Anyway, I don’t think you can pivot with this technique. Try to run this commands for successful pivoting.

(attacker) ./chisel server -p 1337 -reverse &
(frank) ./chisel client R:3001:localhost:3001 &

Don’t forget to replace the IP address with the correct one.

try the -D option.


So can anyone help me escalating from user F to N. For my research part, I found that c…bre app, and pivot and tried to use it. any how the app doesn’t work. I use pspy64 to look what commands were executing. and found out that user N’s app use the command with /home/n---/converter/c--bre/bin/that-binary /home/n---/converter/processing/fb4f02db-418f-4508-9521-abbf7bc85a8d.pdf /home/n---/converter/output/fb4f02db-418f-4508-9521-abbf7bc85a8d.epub. which really doesn’t write the file to that directory. So I searched online and the user N should be running the command like /home/n---/converter/c--bre/that-binary not ...../bin/that-binary which resulting in a library not found error. But I tried setting LD_PATH for the but really no luck. So am I missing something or I am in complete wrong way? Please somebody help me.

This is now solved with unusual file extension in the input intercept. Now I can’t symlink the files that I want. any idea on this? Help me again.

Nevermind, got it. I think I will write up this part one day! very nice one!

Finally, Rooted!

1 Like

Can I DM anybody for foothold? I think I have the correct payload but I’m not getting the result I whish

Edit: finally got my payload working

And rooted. Definitely an insane machine. Loved the foothold part. Root was a bit confusing but when you understand what you need to target and focus it’s doable.

Thanks for the box

still need some help in the escalation from user f**** to user n***

anyone that can help plz?

need help with payload for the root part (just correct syntax)

you can DM me

rooted bro. thanks btw


can some someone give me a nudge for initial access

You can DM me