[HTB]记一次通关hackthebox-Oopsie

python3 -c 'import pty;pty.spawn("/bin/bash")'

ls -la /usr/bin/bugtracker && file /usr/bin/bugtracker

Commonly noted as SUID (Set owner User ID), the special permission for the useraccesslevel has a single function: A file with SUID always executes as the user who owns thefile, regardless of the user passing the command. If the file owner doesn't haveexecute permissions, then use an uppercase S here.In our case, the binary 'bugtracker' is owned by root & we can execute it as root sinceit has SUID set.

webshell:https://github.com/BlackArch/webshells

https://www.parrotsec.org/download/