
Funbox Easy

Description ⤵️

💡 Boot2Root ! Easy going, but with this Funbox you have to spend a bit more time. Much more, if you stuck in good traps. But most of the traps have hints, that they are traps.
If you need hints, call me on twitter: @0815R2d2
Have fun…
This works better with VirtualBox rather than VMware.

Let’s find the IP Address first »

164-1.png

IP : 10.0.2.17

Port Scan Results ➡️

164-2.png

OPEN PORTS >
22     SSH
80     HTTP
33060  mysql

Web Enumeration ⤵️

164-3.png

164-4.png

164-5.png

So with SQL injection on the store site I got this →

command : sqlmap -u "<URL>" --risk 3 --level 5

164-6.png

164-7.png

admin : admin

164-8.png

Got access →

164-9.png

After accessing that page I got this →

164-10.png


SHELL ➡️

Got something →

164-11.png

164-12.png

Now let's check sudo -l for root access through tony →

164-13.png

Now I got too many options, so let's try the least interesting one, time →

command : sudo /usr/bin/time /bin/sh

164-14.png

164-15.png
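
The root step works because the sudoers rule lists /usr/bin/time without arguments, so sudo accepts any arguments and time runs whatever command it is given. The following audit check is an added example, not part of the original write-up: it parses `sudo -l` output and flags rules of that kind. The sample output, the host name and the lists of wrapper and shell names are constructed for illustration.

```python
import re

# Illustrative, not exhaustive: programs whose purpose is to execute another
# command passed on their command line, and common shells/interpreters.
COMMAND_RUNNERS = {"time", "env", "nice", "nohup", "timeout", "xargs", "watch"}
SHELLS = {"sh", "bash", "dash", "zsh", "python3", "perl"}

# One rule line of `sudo -l`: "(runas) TAG: TAG: cmd [args], cmd [args]"
RULE = re.compile(r"^\s*\((?P<runas>[^)]*)\)\s*(?P<tags>(?:[A-Z_]+:\s*)*)(?P<cmds>.+)$")

# Constructed sample, not the output shown in the screenshot.
SAMPLE = """\
User tony may run the following commands on host:
    (root) NOPASSWD: /usr/bin/time
    (root) NOPASSWD: /usr/bin/systemctl status ssh, /usr/bin/env
    (root) /usr/bin/timeout 5 /usr/bin/id
"""

def audit_sudo_l(output):
    """Return the sudo rules that amount to unrestricted command execution."""
    findings = []
    for line in output.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # header, Defaults entries, blank lines
        nopasswd = "NOPASSWD:" in m.group("tags")
        for cmd in filter(None, (c.strip() for c in m.group("cmds").split(","))):
            path, *args = cmd.split()
            name = path.rsplit("/", 1)[-1]
            if path == "ALL":
                reason = "any command allowed"
            elif name in SHELLS:
                reason = "shell or interpreter"
            elif name in COMMAND_RUNNERS and not args:
                # No arguments in the rule means sudo accepts any arguments,
                # so the wrapper can be told to run anything as the runas user.
                reason = "command wrapper with unrestricted arguments"
            else:
                continue
            findings.append({"runas": m.group("runas"), "command": cmd,
                             "nopasswd": nopasswd, "reason": reason})
    return findings

if __name__ == "__main__":
    for f in audit_sudo_l(SAMPLE):
        print(f"{f['command']} as {f['runas']}: {f['reason']}")
```

Rules it flags should be removed or rewritten with the full command line pinned, as in the `timeout 5 /usr/bin/id` entry, which the check leaves alone.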


If you have any questions or suggestions, please leave a comment below. Thank You !

This post is licensed under CC BY 4.0 by the author.