Cyber.spirit wrote:Shadowzero, i ran a brute force attack against admin account and i hacked it. So i can read, write, del files but i cant logon using that account to other services as i mentioned the server is Linux
And that may be the best you'll be able to do in this situation. It's not always possible to compromise a system or escalate privileges.
A couple points to keep in mind:
- If a service has a vulnerability that can only be exploited from an authenticated session, obtaining credentials may help you exploit the service. Otherwise, you'll just have standard access to the service.
- Obtaining access to information is often sufficient. If a service you compromise contains sensitive information, that in itself is enough to sound the alarms. You don't need to root the box on top of that.
- You may be able to leverage that access in other attacks. For example, you may be able to upload a file that could be accessed by a web server. Don't assume each service on a system exists in isolation.