1
00:00:00,330 --> 00:00:07,440
So guys, in this, you know, we're going to take a look at this cron, or the cron jobs, if up is

2
00:00:07,440 --> 00:00:13,320
running as root and we can modify it, then we can place the reverse shell and we'll get root.

3
00:00:14,130 --> 00:00:16,920
So that's what we are going to see in this video.

4
00:00:17,280 --> 00:00:23,030
Now, let's see what's out there in the current show.

5
00:00:23,360 --> 00:00:27,770
So let me get a second to give you the contents of this contest.

6
00:00:28,890 --> 00:00:34,380
As you can see, there is, there are some scripts: hourly, daily, weekly and monthly.

7
00:00:35,260 --> 00:00:39,360
And if you can see down hill, down below, you can see the root.

8
00:00:39,840 --> 00:00:42,630
And we are going into this spot available there.

9
00:00:42,990 --> 00:00:46,060
And then we are executing as a result of the script.

10
00:00:46,140 --> 00:00:47,910
My secret is it's.

11
00:00:51,730 --> 00:00:59,380
So now this is a good every minute, every hour, every minute, every hour, every day of the month

12
00:00:59,380 --> 00:01:02,250
and etc., so good every minute.

13
00:01:02,260 --> 00:01:08,840
So what we can do is we can see if there is any trading permissions for our users.

14
00:01:09,040 --> 00:01:11,080
Let me look at this one.

15
00:01:14,520 --> 00:01:14,950
OK.

16
00:01:14,970 --> 00:01:25,350
Oh, yes, this one is inevitable, so I just did not see Gartree, let me go into the city where all

17
00:01:25,350 --> 00:01:29,840
this red carpet is here and let's arrest minister.

18
00:01:34,450 --> 00:01:43,230
So we have the right disease out there and we have the right person, so let's go into the city of W-W.

19
00:01:47,690 --> 00:01:55,010
So the my Nazeer, so now let me read this with Nannerl, not my.

20
00:01:57,460 --> 00:02:02,840
So it is already how this shebang, /bin/bash, and I will run through this.

21
00:02:03,050 --> 00:02:03,760
This is second.

22
00:02:03,760 --> 00:02:04,400
One second.

23
00:02:04,460 --> 00:02:09,520
Any second now what I can do is I can push the, uh, the script.

24
00:02:10,900 --> 00:02:14,390
So I am at this, uh, benchmark.

25
00:02:14,610 --> 00:02:17,480
It was, uh, it was strategic.

26
00:02:18,010 --> 00:02:21,230
Now, what I'm going to do is I will serve this bastard.

27
00:02:21,370 --> 00:02:21,670
Shoot.

28
00:02:22,660 --> 00:02:23,520
Sorry, bastard.

29
00:02:23,530 --> 00:02:27,490
What Shakal now I'm going to put it in here that have been.

30
00:02:29,660 --> 00:02:31,880
So you can also trade up, I don't.

31
00:02:32,490 --> 00:02:43,280
But the bash is there and the Linux system and when I see it in here, I need to put the quotation marks,

32
00:02:43,280 --> 00:02:46,700
quotations and bash and then.

33
00:02:49,550 --> 00:02:55,790
I know I'm going to sell this, uh, OK, sorry, I did not.

34
00:03:04,350 --> 00:03:06,790
So you're not in this IP address.

35
00:03:06,810 --> 00:03:07,500
Sorry for the.

36
00:03:10,270 --> 00:03:18,670
So my 10 zero hour after I have connected to this network that the room contains, this is configurable

37
00:03:18,670 --> 00:03:20,170
one Coranderrk.

38
00:03:21,040 --> 00:03:31,160
So no, let me pass this IP address here and let me put it in here and then I want to listen on the

39
00:03:31,170 --> 00:03:31,340
port.

40
00:03:31,360 --> 00:03:32,410
One, two, three, four.

41
00:03:33,340 --> 00:03:35,260
And before that, let me

42
00:03:38,200 --> 00:03:40,420
start the listener on.

43
00:03:40,420 --> 00:03:41,320
One, two, three, four.

44
00:03:41,330 --> 00:03:44,070
Put everything you said.

45
00:03:44,080 --> 00:03:45,400
I'm going to save the script.

46
00:03:46,660 --> 00:03:53,020
And now we should just wait for one minute to get Rachel.

47
00:03:58,290 --> 00:04:08,400
As you can see it in a minute, we got the Ruggeri can see where my root and officinalis so you can

48
00:04:08,400 --> 00:04:18,030
also get the HD or that just for subverting the question, OK, this is how we took advantage of this

49
00:04:18,240 --> 00:04:19,810
configurable cron job.

50
00:04:20,160 --> 00:04:24,120
So this crontab by default executes as a root user.

51
00:04:24,510 --> 00:04:32,790
So it should be taken that if any scripts should not be writable to any other resource except that other

52
00:04:32,790 --> 00:04:33,320
than root.

53
00:04:33,660 --> 00:04:40,710
So if any normal user had access, the write access to this, any script that is running under the cron,

54
00:04:41,130 --> 00:04:46,460
then he can just simply edit this file and purchase the reverse shell.

55
00:04:48,180 --> 00:04:50,040
So I hope you understood this.

56
00:04:50,070 --> 00:04:56,360
This is one of the methods that takes advantage of this misconfiguration in the cron jobs.

57
00:04:57,450 --> 00:05:05,370
So I always try to make sure that your files are not readable with other users.