April 5, 2025

PC Proving Grounds Write-Up

Adrian Reategui
Share
Proving Grounds PC machine walkthrough

SUMMARY

This write-up covers the PC machine from Offsec’s Proving Grounds, a Linux machine where an internal service running as root provided the privilege escalation path.

Port 8000 exposed a console already authenticated as a low-privilege user on the victim machine. Enumerating the system revealed a Python RPC script (rpc.py) in /opt. Process inspection confirmed it was running as root on port 65432. Searching for exploits related to that port surfaced a relevant public exploit, which was downloaded and modified with the correct payload. Executing it killed the running service and returned a shell as root.

PATH TO FOLLOW

  1. Reconnaissance & Console Access on Port 8000
  2. Internal RPC Service Discovery on Port 65432
  3. Root Process Confirmation via ps -faux
  4. Public Exploit Identification & Payload Modification
  5. Exploit Execution & Shell as Root

Due to OffSec’s policy on content sharing, these write-ups will provide hints only rather than full solutions.I know, boring stuff.

Linux RPC Port Exploitation ProvingGrounds

Table of Contents