Nibbles 🔸

Enumeration

Initial Access

Searching, we find https://github.com/squid22/PostgreSQL_RCE.

Clone, create venv and install requirements.

Edit host and port and use port 80 on listener.

Privilege Escalation

Get local flag.

find has SUID privs.

Looking in gtfobins.

Post Exploitation

Get the flag.