Home CTFs | HeroCTF_2024 | Misc | Moo
Post
Cancel

CTFs | HeroCTF_2024 | Misc | Moo

Moo

image

In this challenge, we need to escape the restricted shell we are in.

First we can try some commands to see what is working and what is not:

image

So as we can see, a lot of commands are restricted. But the echo one is not.

image

So now we know that our path is in the /usr/local/rbin folder. In this folder are the following files:

image

First I started looking at the rbash file:

image

I thought that it has something to do with the bash -r but in fact it was linked to the cowsay. If we check the GTFObins page of this binary we see that we can in fact run commands with it:

image

Now that we know that and that we know we can run vim (present in our path), we can write a file that will execute a shell:

image

Now we can save it and run it with cowsay:

image

Now that we escaped, we can run any command in the terminal. Lets try the one they told us we can’t run. And… Voila:

image

This post is licensed under CC BY 4.0 by the author.