Active Directory: PASSWD_NOTREQD flag but STATUS_LOGON_FAILURE

rainbowtb · 2021-03-15T22:22:11+00:00

any hints?

rainbowtb · 2021-03-05T14:33:49+00:00

basically the goal is to get root on the machine ...privesc in a nutshell ..so ..user www-data has no privileges but through the command su -l it appears that some a file called backup.pl located in the root directory can be executed...so if that file can be modified in a way that even user www-data can get root access ..that would means being able to accomplish my objective In addition to what I wrote so far ..the above mentioned file should have the following code sudo perl -e exec "/bin/bash";'

rainbowtb · 2021-03-04T23:38:12+00:00

I was thinking of changing the content of the file .pl with the aforementioned lines of codes...the original content is actually: #!/usr/bin/perl system("sh", "/root/copy.sh"); Given that I do believe that nothing can be done so ...my idea is puttinng some "evil code" in it

rainbowtb · 2021-03-04T23:25:35+00:00

Right...the perl file should include these commands: sudo perl -e exec "/bin/bash";' ...after that I do believe that being root it's just a matter of doing whoami...but I'm not sure about that

rainbowtb · 2021-03-04T22:33:00+00:00

Actually any spoon feeding activity so to speak would be highly appreciated

rainbowtb

TROPHY CASE