Name		Name	Last commit message	Last commit date
parent directory ..
setup		setup
solution		solution
README.md		README.md

README.md

Cap-i-sh

Category: misc Author: ishtar

Description

Beep boop bop... A blessing and a curse :/

Solution

Reveal Spoiler

The main objective of this challenge is to familiarize the player with Linux capabilities (man 7 capabilities). Abusing the CAP_SYS_ADMIN capability given to the python3 interpreter, in order to elevate privileges and obtain the flag.

Solution steps:

Identify possible ways to escalate privileges. Using getcap -r / 2>/dev/null, we can identify all binaries with capabilities.
Exploit CAP_SYS_ADMIN capability given to python3 interpreter to escalate privileges and obtain the flag.

There are multiple ways to complete the challenge. One of them is described in the solution script, which is provided in solve.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cap-i-sh

cap-i-sh

README.md

Cap-i-sh

Description

Solution

Files

cap-i-sh

Directory actions

More options

Directory actions

More options

Latest commit

History

cap-i-sh

Folders and files

parent directory

README.md

Cap-i-sh

Description

Solution