TryHackMe – Kenobi Walkthrough
Introduction
This was an easy Linux box that involved gaining initial access by exploiting a vulnerability in ProFTPD to copy a user’s SSH key to a world-readable directory, grabbing it using SMB and using it to authenticate to via SSH and exploiting a vulnerable SUID binary in conjunction with PATH Environmental Variable manipulation to escalate to root.
Read more