Hack The Box – Sunday Walkthrough
Introduction
This was an easy Solaris machine that required enumerating users in the Finger service to identify the sunny user, bruteforcing it with Hydra to authenticate via SSH, cracking a user hash found in a backup folder to escalate to the sammy user and exploiting the SUID permission set against Wget to escalate privileges to root.
Read more