Type your comment> @elseif said:
Type your comment> @lebutter said:
I don’t understand how people found the vuln so quickly. To be honnest, I went over it, but i had easily 4 or 5 other things to check, so i dismissed it as soon as it didn’t work and checked the other.
Only when i saw the hints did i think that I needed to recheck every single one of those carefully, but without knowing it it’s a different thing. Once you know the hints it’s indeed easy but without the hint you can easily fall into rabbit holes and mess around with things that are somehow realted to the vulnerability which won’t work.
Root is definitely easy and a “classic” of privesc for those who are learning privesc.
My experience was exactly this. Spent all afternoon knowing the weak point but digging through the many possible CVE’s and dead ends before landing on the one that works. It boggles my mind how quickly people pinned down the right one but I’m sure experience plays a role.
No, experience doesn’t count here, you are given a simple clue as to what to search for and that’s it.
User blood was insanely fast, either he was VEEERY lucky or a big hint was handed out to him, plain and simple.