Remote Sudo Escalation

IRJ

@Dashrender said in Remote Sudo Escalation:

Why is the share important? The files are on the machine - who cares if they are shared or not - because you're not trying to access those files from another machine, you're simply trying to execute a file that exists on Local Server1.

what's the equiventant of

 psexec local-server1 "c:\path\program.sh -argument" -username local-admin -password P@$$w0rd

in Linux?

All i know to try is ssh hostname "comand_here" but it runs the output on the SMB server itself as expected.

Dashrender

@IRJ said in Remote Sudo Escalation:

@Dashrender said in Remote Sudo Escalation:

Why is the share important? The files are on the machine - who cares if they are shared or not - because you're not trying to access those files from another machine, you're simply trying to execute a file that exists on Local Server1.

what's the equiventant of

 psexec local-server1 "c:\path\program.sh -argument" -username local-admin -password P@$$w0rd

in Linux?

All i know to try is ssh hostname "comand_here" but it runs the output on the SMB server itself as expected.

What do you mean the output runs on the SMB server itself? If you have a shell open on Local Server1, you see the output in that shell? not on Remote Server1?

I think the same happens with psexec, there's no feedback to the remote host (remote server1 in this case) for the command - because it all ran on the Local Server1.

If cron is running this - why would you need output on Remote Server1?

black3dynamite

ssh -t remote_user@remote_host 'sudo reboot'

stacksofplates

What possible tool is using remote SSH commands with sudo like this?

Dashrender

@stacksofplates said in Remote Sudo Escalation:

What possible tool is using remote SSH commands with sudo like this?

he wants to execute a command using cron on a remote server, yet have the output display on the server running the cron job.

stacksofplates

@Dashrender said in Remote Sudo Escalation:

@stacksofplates said in Remote Sudo Escalation:

What possible tool is using remote SSH commands with sudo like this?

he wants to execute a command using cron on a remote server, yet have the output display on the server running the cron job.

Ah my bad. I missed the Cron part. I didn't read all of that.

stacksofplates

Can't it use local files? If so, you could just mount through NFS to access locally and not need the SMB share.

IRJ

@stacksofplates said in Remote Sudo Escalation:

Can't it use local files? If so, you could just mount through NFS to access locally and not need the SMB share.

The share has java which, we I want to avoid running locally.

travisdh1

@IRJ said in Remote Sudo Escalation:

@stacksofplates said in Remote Sudo Escalation:

Can't it use local files? If so, you could just mount through NFS to access locally and not need the SMB share.

The share has java which, we I want to avoid running locally.

So don't install a java runtime on the remote computer... now no java can possibly run on it, no matter what files are in the share.

Dashrender

@IRJ said in Remote Sudo Escalation:

@stacksofplates said in Remote Sudo Escalation:

Can't it use local files? If so, you could just mount through NFS to access locally and not need the SMB share.

The share has java which, we I want to avoid running locally.

Why does everything have to be in that one share?

IRJ

Update on this...

I just got off the webex screen share with vendor. They are baffled and are going to create an exact sandbox environment to replicate.

It is still a very early version of this software

dafyre

So...

Client Server 2 needs to mount //smbserver1/some_path /mnt/some_path
Then Client Server 2 needs to run sudo /mnt/some_path/some_script.sh ?

scottalanmiller

@IRJ said in Remote Sudo Escalation:

The vendor is telling me I should be able to run .sh file directly from samba share on client server2. So ssh should not need to be part of equation. Otherwise having the share would be pointless.

Sounds like the vendor needs some basic IT support themselves.