1 00:00:00,930 --> 00:00:08,700 Hi, within this lecture, we're going to focus on sudo list or sudo -l and we have seen this 2 00:00:08,700 --> 00:00:13,470 technique before during the CTF solving in the previous sections. 3 00:00:13,890 --> 00:00:22,400 But I believe we have to recap this one more time in order to truly understand what we can do with this. 4 00:00:22,980 --> 00:00:30,930 So far, we know that once we get the user, once we hack into a system, we can run sudo -l. 5 00:00:31,200 --> 00:00:35,260 OK, so let me run this and see what we can do over here. 6 00:00:35,790 --> 00:00:43,470 So once we do this, we can see what kind of things or what kind of binaries that we can execute over 7 00:00:43,470 --> 00:00:43,980 here. 8 00:00:44,520 --> 00:00:48,470 And we can do this without giving a password. 9 00:00:48,660 --> 00:00:54,210 So maybe we can get this in some kind of servers or in some kind of pentests. 10 00:00:54,450 --> 00:00:57,130 Maybe we don't get this, but it's worth a shot. 11 00:00:57,510 --> 00:01:05,400 So once we do that, it's even not guaranteed to become root using one of these binaries or one of these 12 00:01:05,400 --> 00:01:06,770 programs over here. 13 00:01:07,260 --> 00:01:11,400 But again, we can search for it and we can see what we can do with it. 14 00:01:11,800 --> 00:01:16,320 OK, so even though it's not guaranteed, make sure you run sudo 15 00:01:16,320 --> 00:01:18,460 -l, just take it in your notes. 16 00:01:18,480 --> 00:01:25,050 OK, one of the first things that you should do once you become a user or worse, you just hack into 17 00:01:25,050 --> 00:01:25,710 a system. 18 00:01:25,890 --> 00:01:27,460 And we have seen this thing, right. 19 00:01:27,480 --> 00:01:33,170 We have seen nmap before and we have used nmap to become root. 20 00:01:33,750 --> 00:01:36,790 So, for example, let me just do this one more time. 21 00:01:36,810 --> 00:01:39,750 Let me see if we can run this with sudo command. 
22 00:01:40,050 --> 00:01:43,920 As you may already know, sudo means super user do. 23 00:01:44,220 --> 00:01:52,690 And we actually run any of the binaries with an escalated privilege, of course, if we have the permission. 24 00:01:53,070 --> 00:01:56,640 For example, if I run this, as you can see, it gets executed. 25 00:01:56,850 --> 00:02:04,230 Since I didn't provide any of the parameters that I should, it just displayed me the help documentation. 26 00:02:04,470 --> 00:02:13,740 But again, it's enough because I know I can run this, so maybe I can just use the interactive mode 27 00:02:13,740 --> 00:02:21,900 that we have seen before and just run exclamation mark sh in order to get a shell back from root. 28 00:02:22,380 --> 00:02:25,470 So maybe you remember that it was very easy. 29 00:02:25,470 --> 00:02:30,540 And actually at that time I didn't know that, we just Googled it and found it. 30 00:02:30,800 --> 00:02:33,900 OK, so let me show you what I mean. 31 00:02:34,080 --> 00:02:37,140 We can come over here and say --interactive. 32 00:02:37,140 --> 00:02:44,610 So maybe you have skipped that lecture and once you go into the command line of nmap, you can run 33 00:02:44,610 --> 00:02:45,570 anything you want. 34 00:02:45,570 --> 00:02:51,330 And if you want, if you run just this, then you get a callback and I say show. 35 00:02:51,720 --> 00:02:55,410 And over here, if you run it, as you can see, we are root. 36 00:02:55,680 --> 00:02:56,880 If you run whoami, 37 00:02:57,030 --> 00:02:58,470 you get root back. 38 00:02:58,950 --> 00:03:00,450 So far, so good. 39 00:03:00,460 --> 00:03:05,850 As you can see, we became root by using nmap over here. 40 00:03:06,090 --> 00:03:09,720 So maybe you didn't know nmap does that, nmap. 41 00:03:09,720 --> 00:03:14,610 Let's said of course you can Google it out and find it OK. 42 00:03:14,940 --> 00:03:18,690 And I have shown you how to do that in the previous sections. 
43 00:03:19,050 --> 00:03:22,260 So I'm going to go out of this by running exit. 44 00:03:22,500 --> 00:03:28,890 OK, so I'm going to run exit one more time and we are back in user so I'm going to run sudo 45 00:03:28,890 --> 00:03:30,030 -l one more time. 46 00:03:30,210 --> 00:03:32,640 And here we have some other tools as well. 47 00:03:32,940 --> 00:03:39,840 I don't think we can use find, for example, in order to become root, but maybe we can use them. 48 00:03:40,290 --> 00:03:46,230 As we have already seen in the Bendat section, Vim has its own command line as well. 49 00:03:46,470 --> 00:03:49,860 So we can't use Vim and try to become root. 50 00:03:50,130 --> 00:03:54,750 For example, we can just say sudo /usr/bin/vim. 51 00:03:55,170 --> 00:04:03,900 And over here, in order to use the command line of Vim, we can just say -c and this is the command 52 00:04:03,900 --> 00:04:05,490 that we are going to execute. 53 00:04:06,150 --> 00:04:09,510 We were writing this in between single quotation marks. 54 00:04:09,810 --> 00:04:15,780 OK, all you got to do is actually run bin bash or sh, whatever works for you in that case. 55 00:04:16,230 --> 00:04:26,310 OK, so come over here and just say exclamation mark and /bin/sh for example, let's see if we get 56 00:04:26,310 --> 00:04:27,480 the shell back. 57 00:04:28,200 --> 00:04:29,640 So here we are. 58 00:04:29,820 --> 00:04:30,480 Let me run 59 00:04:30,480 --> 00:04:31,220 whoami. 60 00:04:31,650 --> 00:04:33,120 And here we are root. 61 00:04:33,540 --> 00:04:39,900 As you can see, it's very easy if you know what you're doing and most of the time, more, more and 62 00:04:39,900 --> 00:04:48,180 often you will see those things because many times administrators are too lazy to implement the 63 00:04:48,180 --> 00:04:53,400 security features and they just let it run with sudo. 64 00:04:53,550 --> 00:04:56,220 They think that nothing is going to happen. 
65 00:04:57,060 --> 00:04:59,850 But more than often something's 66 00:04:59,900 --> 00:05:04,580 going to happen over here if the hacker knows what he's doing. 67 00:05:04,900 --> 00:05:09,790 OK, so here we have the apache2 and others here as well. 68 00:05:09,950 --> 00:05:17,470 Maybe you can search for them online and see if there is any way to become root using Apache, for example. 69 00:05:17,990 --> 00:05:19,670 And we are inside of the. 70 00:05:20,330 --> 00:05:26,080 I'm going to say, colon q exclamation mark and hit enter to exit out of this one. 71 00:05:26,300 --> 00:05:27,420 And here we are. 72 00:05:27,740 --> 00:05:31,550 So I'm going to stop here and continue within the next lecture.