Hacking a raspberry pi?

Iniciado por L0n3, Marzo 15, 2020, 02:40:13 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Marzo 15, 2020, 02:40:13 PM Ultima modificación: Marzo 15, 2020, 06:56:00 PM por Gabriela
Hello everyone¡¡

Im trying to get a shell with root privileges in my own raspberry pi, just for practicing. I have tried so many things, read so many blogs but nothing works. I connected to rapsberry by ssh/telnet that i left opened, and i simulate a brute force attack to an regular user (bob), so just got a non privilege shell and meterpreter session using metasploit.

I followed gotmilk and payatu blogs...

Launched a linuxprivchecker and i get the following informantion:

Kernel: Linux version 4.19.75-v7+ (dom@buildbot) (gcc version 4.9.3 (crosstool-NG crosstool-ng-1.22.0-88-g8460611)

OS: Raspbian GNU/Linux 10

Super Users Found: root

Installed Tools












The following exploits are applicable to this kernel version and should be investigated as well

- Kernel ia32syscall Emulation Privilege Escalation || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=c

- Sendpage Local Privilege Escalation || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=ruby

- CAP_SYS_ADMIN to Root Exploit 2 (32 and 64-bit) || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=c

- CAP_SYS_ADMIN to root Exploit || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=c

- MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=c

- open-time Capability file_ns_capable() Privilege Escalation || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=c

- open-time Capability file_ns_capable() - Privilege Escalation Vulnerability || No tienes permitido ver los links. Registrarse o Entrar a mi cuenta || Language=c

Also launched:

find / -perm -u=s -type f 2>/dev/null

























Maybe there are not enough info in order to help, but if somebody has an idea that could help me... I would be grateful. Anyway, i dont even know if it is possible to hack it because it is not a lab prepared to pentesting.

Thank you in advance.