コンテンツへスキップ

Security Engineer's blog on Active Directory, Malware Analysis, and Offensive Security.

openssl

Abusing a World-Writable /etc/passwd for Root

How a writable /etc/passwd or /etc/shadow leads to instant root, with PoC and Blue Team defenses.

Author

Yunolay

Security Engineer.

HackTheBox : Omniscient Rank.

Team: 7h3B14ckKn1gh75. (aka) Knights.

Certified

FE, AP, SC,

OSCP, OSWE, OSEP, OSED, OSCE3, OSEE, HTB(CWES, CPTS, CWEE), eCPPTv2, eWPTXv2

7h3B14ckKn1gh75

SNS

X (Twitter) :

https://twitter.com/Yunolay

Youtube :

作成した動画を友だち、家族、世界中の人たちと共有

www.youtube.com

Github :

Yunolay – Overview

Yunolay has 12 repositories available. Follow their code on GitHub.

Linkdin :

https://www.linkedin.com/in/Yunolay

www.linkedin.com

Anilist :

Yunolay's AniList user profile

Yunolay Omniscient

Rank: 21 2525 66

YunolayFollow

Tag

Privilege Escalation39 Active Directory25 Linux21 Windows20 web-security15 red-team14 blue-team13 Kerberos12 owasp11 Post-Exploitation10 Persistence8 RCE8 credential-access7 malware-analysis6 mimikatz6 lateral-movement6 Impacket5 binary-exploitation5 enumeration5 LFI4 oscp4 suid4 sudo4 PHP4 Cloud Security4 pwn4 SMB4 cron3 Hashcat3 AWS3 ssh3 Detection3 VBS3 Evasion3 Docker3 container-security3 reverse-engineering3 SSRF3 Authentication3 Delegation3 NTLM Relay3 ADCS3 sql-injection3 sqlmap3 Web Exploitation3 gdb2 Registry2 wildcard-injection2 lsass2 static-analysis2 Exploitation2 ret2libc2 ld_preload2 kubernetes2 Phishing2 Pacu2 password-spraying2 IAM2 gtfobins2 rop2

Search

Archive

June 2026
May 2026
April 2026
March 2026
February 2026
January 2026
December 2025
November 2025
October 2025
September 2025
August 2025
November 2024
December 2023
November 2023
October 2023

Category

Active Directory
Cloud Security
Linux Privesc
Malware & C2
Mobile API OSINT
Offensive Security Lab Japan
Other
RE & Pwn
Security
Tools & Defense
Vulnlab
Web Exploitation
Windows Privesc

© 2023 Yunolay's Blog.

Home
Search
Top
Sidebar