App - System
Friday 26 June 2020, 14:20 #1
[FAQ] Windows App-System challenges and Cygwin
Hello,
The path management is special in Cygwin, you need to use Windows paths in order to avoid getting bad results while exploiting the PE binaries.
For example :
/tmp
becomes C:\cygwin64\tmp\
In addition, please remember that you need to use the wrapper.sh script in order to get the right privileges to read the .passwd flag. This script acts like a suid version of the exploited binary. You do not need to use the runas command to get higher privileges on the server.
Ech0