https://hussienmisbah.github.io/tags/core-dump/ Recent content in Core-Dump on 0xMesbaha Hugo en Sat, 26 Mar 2022 00:45:19 +0200 https://hussienmisbah.github.io/posts/linux-machines/2022-03-26-secret/ Sat, 26 Mar 2022 00:45:19 +0200 https://hussienmisbah.github.io/posts/linux-machines/2022-03-26-secret/ <p>In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this will help us change our token to the admin token and login as admin , reading source codes we find a command injection so we will have a reverse shell as a user, for the root part there is a suid binary that can read any file on the system and count it , and in the source code it has <code>PR_SET_DUMPABLE</code> so we can dump it if it receives a signal while running ,we will send segmentation fault signal and dump the process then performing strings on the dump we can read the root ssh private key and login as root</p>