Pentest PandoraFMS Backup Utility root priv escalation
Situation:
- reverse shell or ssh connection.
official site : https://pandorafms.com/manual/en/ation/05_big_environments/07_server_management
executing command :
/usr/bin/pandora_backup
show we have no permission.
reading the backup script it shows that depends on tar, so i created my own tar and changed the path
result :
rooted !