Alabaster Snowball - Nyanshell#
Objective: Bypassing the Frido Sleigh CAPTEHA
Welcome to the Speaker UNpreparedness Room!
My name's Alabaster Snowball and I could use a hand.
I'm trying to log into this terminal, but something's gone horribly wrong.
Every time I try to log in, I get accosted with ... a hatted cat and a toaster pastry?
I thought my shell was Bash, not flying feline.
When I try to overwrite it with something else, I get permission errors.
Have you heard any chatter about immutable files? And what is sudo -l telling me?
- "On Linux, a user's shell is determined by the contents of /etc/passwd"
- "sudo -l says I can run a command as root. What does it do?"
When you try to log in as Alabaster using
su alabaster_snowball you'll end up with a Nyan cat animation you can't exit from. Follow the steps listed below to replace Alabaster's current shell with a copy of
grep -i alabaster /etc/passwd: show Alabaster's default shell.
ls -l /bin/nsh: show file permissions.
-rwxrwxrwxmeans anyone can read/write/execute.
lsattr /bin/nsh: show file attributes.
imeans the immutable flag is set.
sudo -l: show commands we can run with elevated privileges. In this case
sudo chattr -i /bin/nsh: remove the immutable flag on
/bin/nshso it can be overwritten.
cp /bin/bash /bin/nsh: replace Nyan Shell with Bash.
su alabaster_snowball: log in as alabaster_snowball.
Who would do such a thing?? Well, it IS a good looking cat.
Have you heard about the Frido Sleigh contest?
There are some serious prizes up for grabs.
The content is strictly for elves. Only elves can pass the CAPTEHA challenge required to enter.
I heard there was a talk at KCII about using machine learning to defeat challenges like this.
I don't think anything could ever beat an elf though!