🔬Cron Jobs
Lab 1
Cron Jobs Privilege escalation
Already logged on as
student
unprivileged user
📌
student
user has no privileges and no scheduled cron jobs
Cron Jobs Identify
Look for all occurences of the path or the file, on the system
The file has been copied into the /tmp directory
Check
copy.sh
privileges
Privesc
Every user account has read/write/execute permissions on the
copy.sh
scriptThe script is writable by the
student
user. Modify the script to execute a command (e.g.
adding student tosudoers
file).When the script is executed by
root
cron job (every 1 min for this lab), it will run commands with pivileged permissionsNo text editors available in the lab
Last updated