DarkCTF 2020: Linux/linux starter
Sept. 27, 2020 in CTF, CTF writeups
Linux/linux starter
101 points
Don't Try to break this jail
ssh [email protected] -p 8001 password : wolfie
Solution
The challenge was to escape jail/restricted shell.
I’ve found, that PATH environment variable contains /home/wolfie/bin:/home/wolfie/.local/bin:/root/bin
So, I’ve simply scp the dash shell into /home/wolfie/.local/bin/
Then, I was able to execute my own shell and find flag in the seconds.
darkCTF{h0pe_y0u_used_intended_w4y}