The lsb_release -a command is also helpful to find out what distribution is running and its release information. Since we already have a shell, we can use the uname -a command to view kernel information about the system. We will be using a kernel exploit to escalate privileges and get root, so first, we need to find out some information about the target. Previously: How to Exploit Shellshock on a Web Server Using Metasploit.What we ultimately want is root access, so in order to do that, we will need to escalate privileges and break out of the limited shell. In a previous tutorial, we used Metasploit to gain a low-level shell on the target system by exploiting the Shellshock vulnerability. Sometimes even a successful exploit will only give a low-level shell In that case, a technique called privilege escalation can be used to gain access to more powerful accounts and completely own the system. Much like SYSTEM on Windows, the root account provides full administrative access to the operating system. Getting root is considered the Holy Grail in the world of Linux exploitation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |