Cookie Consent by PrivacyPolicies.com

DarkCTF 2020: Linux/linux starter


DarkCTF 2020: Linux/linux starter

Linux/linux starter

101 points

Don't Try to break this jail

ssh [email protected] -p 8001 password : wolfie

Solution

The challenge was to escape jail/restricted shell.

I’ve found, that PATH environment variable contains /home/wolfie/bin:/home/wolfie/.local/bin:/root/bin

So, I’ve simply scp the dash shell into /home/wolfie/.local/bin/

Then, I was able to execute my own shell and find flag in the seconds.

darkCTF{h0pe_y0u_used_intended_w4y}