Machine Synopsis
Slonik is a Medium-difficulty Linux machine that focuses on NFS, PostgreSQL abuse, and privilege escalation through insecure backup automation. Initial access is obtained by enumerating exposed NFS shares and leveraging UID/GID trust relationships to access a home directory. History files within the share reveal database credentials and reference a locally bound PostgreSQL socket. Although direct SSH access is restricted, the socket is tunneled over SSH to interact with the database, where built-in PostgreSQL functionality is used to achieve remote code execution. Privilege escalation is accomplished by monitoring system processes and identifying a root-executed backup script, then using `pg_basebackup` behavior and SUID permissions to obtain a root shell.
Machine Matrix