I’m following the Stack Buffer Overflow module in HTB Academy, it’s a good module for the beginner like me.
Currently, I’m able to win an access to my target with my exploit.
The problem is that I’m just the “user” of the machine and not the root. In fact, after start my exploit in GDB, I check my Netcat part and when I have won the access and I check the ID, I just have the name of the user (htb-student…).
Now, I don’t really know if I have correctly analysed the leave_msg programm or if I must to do a privilege escalation with other skills.
Thanks to have payed attention on my informations request.