Assist Kyle at the old data center with a fire alarm that just won’t chill.
π·οΈπ·οΈ Challenge Link: https://www.sans.org/cyber-ranges/holiday-hack-challenge
π©π© Room Scenario: π©π©
π chiuser @ Dosis Neighborhood ~ π $
π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯
DOSIS NEIGHBORHOOD FIRE ALARM SYSTEM – LOCKOUT MODE
π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯
π¨ EMERGENCY ALERT: Fire alarm system admin access has been compromised! π¨
β
The fire safety systems are experiencing interference and
admin privileges have been mysteriously revoked. The neighborhood’s fire
protection infrastructure is at risk!
β οΈ CURRENT STATUS: Limited to standard user access only
π FIRE SAFETY SYSTEMS: Partially operational but restricted
π― MISSION CRITICAL: Restore full fire alarm system control
β
Your mission: Find a way to bypass the current restrictions and elevate to
fire safety admin privileges. Once you regain full access, run the special
command `/etc/firealarm/restore_fire_alarm` to restore complete fire alarm system control and
β protect the Dosis neighborhood from potential emergencies.
π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯π¨π₯
π©π© Room Hints: π©π©
β You know, Sudo is a REALLY powerful tool. It allows you to run executables as ROOT!!! There is even a handy switch that will tell you what powers your user has.
β Be careful when writing scripts that allow regular users to run them. One thing to be wary of is not using full paths to executables…these can be hijacked.
β οΈ Educational Purpose Only
This content is for educational and authorized penetration testing purposes only. Always ensure you have permission before testing on any systems.
Don’t forget to π LIKE and π SUBSCRIBE for more cybersecurity tutorials!
#HolidayHack #sans
source
