Nibbles 🔸

Enumeration

Initial Access

Searching we find https://github.com/squid22/PostgreSQL_RCE

Clone, create venv and install requirements.

Edit host and port and use port 80 on listener.

Privilege Escalation

Get local flag

Find has suid privs

Looking in gtfobins

Postexploitation

Get the flag