Mirrors/CTF-Writeups
2
0
Fork 0
mirror of https://github.com/AbdullahRizwan101/CTF-Writeups synced 2024-11-10 06:34:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update Cheat Sheet.md

Browse source
This commit is contained in:
ARZ 2021-09-09 17:23:19 +05:00 committed by GitHub
parent 496bd71462
commit 46a8aa85bd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
Cheat Sheet.md
View file

@ -226,7 +226,7 @@ sudo /usr/bin/ln
``` ```
### Escaping restricted Shell (rbash) ### Escaping restricted Shell (rbash)
Using vi editor #### Using vi editor
``` ```
: set shell =/bin/sh : set shell =/bin/sh
@ -236,6 +236,10 @@ Then setting the PATH variable
`/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin` `/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin`
#### Using -t 'bash --noprofile'
When logging in with ssh we can using -t to enable pseudo-tty allocation and then we can change the PATH and SHELL varaible
### Tar Exploitation ### Tar Exploitation
When ever you see a cronjob running with a command `cd /<user>/andre/backup tar -zcf /<folder>/filetar.gz *` go to that folder from which a backup is being created and running these command in that directory <br/ > When ever you see a cronjob running with a command `cd /<user>/andre/backup tar -zcf /<folder>/filetar.gz *` go to that folder from which a backup is being created and running these command in that directory <br/ >