nathanwoodburn/BB-Pen-2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

README: Added instructions to gain root access on kali.boysbrigade.au server

Browse Source 
- Added tutorial for gaining root access on the kali.boysbrigade.au server.
- Included a new file H1.md with instructions on how to change shell using su command.
- Renamed README.md to OPTIONAL-keylogger.md and updated its content to reflect the changes in task description.
This commit is contained in:
Nathan Woodburn 2023-06-08 20:52:16 +10:00
parent f78d7461ab
commit 0047e5d83c
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
3 changed files with 73 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
H1.md Normal file
View File

@ -0,0 +1,4 @@
You can use the `su --help` command to see how to use it.
Look for any option to change shell.
The command to use is `su bob -s /bin/bash`

47
OPTIONAL-keylogger.md Normal file
View File

@ -0,0 +1,47 @@
# OPTIONAL BB-Pen-2
The task this week is to create a simple keylogger that will log all the keys pressed on the keyboard and save them to a file.
The program should run in the background and not be visible to the user.
## Requirements
- Access to the kali.boysbrigade.au server (or another linux machine) (This will be provided)
## Instructions
1. SSH into the server using the provided credentials following the instructions from last week.
2. Create a new directory for your project and navigate into it. (Put your name in the directory name to avoid conflicts between other members)
3. In that directory create a new executable file to run the keylogger.
4. Write a script (file that ends in .sh) that will log all the keys pressed on the keyboard and save them to a file.
5. Try to make the keylogger look like it is not running (Hint: show the user a fake command prompt)
## Running the keylogger
```sh
# Run normally
./keylogger.sh
# Run so that it will close the SSH session when you close the logger
exec ./keylogger.sh
```
## Hints
1. Infinite loop:
```sh
while true
do
# Your code here
# Will run forever
done
```
2. Get an input from the user:
```sh
read -p "Enter something: " input
echo "You inputed $input"
```
3. Get the message of the day (Screen that appears when you login):
```sh
cat /etc/motd
```
4. Run a variable as a command:
```sh
command="ls"
$command
# This will run the 'ls' command
```

63
README.md
View File

@ -1,47 +1,28 @@
# BB-Pen-2
The task this week is to create a simple keylogger that will log all the keys pressed on the keyboard and save them to a file.
The program should run in the background and not be visible to the user.
The task this week is to get root access on the kali.boysbrigade.au server.
You have been given a user account on the server (from BB-Pen-1).
Use this account to gain access to the admin account.
## Requirements
- Access to the kali.boysbrigade.au server (or another linux machine) (This will be provided)
## Tutorial
1. Login as `bob` (password in seconduser.pass from `gituser`).
2. See if you can change directory to test
You probably get this message`-rbash: cd: restricted`.
This means that you are in a restricted shell. Try to login to a normal shell (`/bin/bash`).
Hint `su` is the command to switch user (switch to yourself).
Need help? Look in [H1.md](H1.md) for help.
## Instructions
1. SSH into the server using the provided credentials following the instructions from last week.
2. Create a new directory for your project and navigate into it. (Put your name in the directory name to avoid conflicts between other members)
3. In that directory create a new executable file to run the keylogger.
4. Write a script (file that ends in .sh) that will log all the keys pressed on the keyboard and save them to a file.
5. Try to make the keylogger look like it is not running (Hint: show the user a fake command prompt)
3. Once you have a normal shell, try to change directory to test again.
If you are able to change directory, go back to the home directory (just run `cd`).
## Running the keylogger
```sh
# Run normally
./keylogger.sh
# Run so that it will close the SSH session when you close the logger
exec ./keylogger.sh
4. One of the best ways to get root access is to find a program that is running as root, and exploit it.
Run `cat /etc/crontab` to see all the commands that are run on a schedule by the admin.
Notice anything you can exploit?
5. If you found something, try to exploit it.
Something you can try is running this to add yourself to the sudo (admin) group.
```bash
echo 'bob ALL=(ALL:ALL) ALL' >> /etc/sudoers
```
## Hints
1. Infinite loop:
```sh
while true
do
# Your code here
# Will run forever
done
```
2. Get an input from the user:
```sh
read -p "Enter something: " input
echo "You inputed $input"
```
3. Get the message of the day (Screen that appears when you login):
```sh
cat /etc/motd
```
4. Run a variable as a command:
```sh
command="ls"
$command
# This will run the 'ls' command
```
See if you are able to run `sudo whoami`. This should print `root` if you have admin access.
(You might need to wait a minute for the cron job to run)