Extracting file from the target and analyze it with ltrace
Now let's transfer the file over to kali and analyze it.
- 1.base64 -w0 /usr/bin/viewuser this will encode the file into base64. -w0 eliminates line wrapping.
- 2.base64 textfile.txt --decode
- 3.use "ltrace" to analyze it.
executing /tmp/listusersif we replace this file with a shell, we can get a root.replaced the content with 👍
ran the viewuser app