THM Lazy Admin Walkthrough

Happy holidays to everyone, thank you for supporting the channel New videos will be coming out every week :D Lazy Admin falls into Easy category of CTFs on TryHackMe platform I forgot to mention where I got the last script from when I used privilege escalation so here is an explanation of the script and where I found it: 1. Script found in exploit-db documents under number 49411, it's a bit larger PDF file but you will be able to find it 2. Breaking down the commands: echo "cp /bin/bash tmp/copybash; chmod +s tmp/copy/bash": So, this part uses the echo command to print the string "cp /bin/bash tmp/copybash; chmod +s tmp/copybash" to the standard output. The "greater than" operator redirects this output to a file named "copy.sh" in the "etc" directory. "Greater than operator" /etc/copy.sh: Redirects the output of the echo command to the file "/etc/copy.sh," creating or overwriting it. YouTube for some reason doesn't let me use greater than sign, so I needed to spell it out :D Anyway, after running this command, we will have a script named "copy.sh" in the "/etc/" directory that, when executed, will copy the "/bin/bash" executable to "/tmp/bash" and set the SUID bit on it. Hope this explanation helps :D