SSH exploit

Hello !
I am a studen in computer science (first year) and we have to acess a ssh server, we have a username and password, and we msut execute a file from another user (lets say i am user1@machine.com and i must copy the file "FILE" from the user "root")
The problem is the file "FILE" is protected from reading (or writing or executing) so do anyone have any idea ?

Well if the hint is to utilize the environment variables, the following won't apply.

But you could, load up another OS, mount this *nix OS, copy /etc/shadow and /etc/passwd, then run it through JTR or another hash cracking tool, since if this a challenge set by your teacher and not some other machine your trying to hack into, the hashed password would probably be possible to dict attack.

Any back to your ENV variables. Run nmap -v on 192.168.0.115:1337, or if you don't have nmap and can't compile, you can instead banner grab to detect SSH service version. In all likelihood, it is probably an old SSH service, hence many exploits available. Problem is things like MSF need root for installation, so you can't just run public exploits, unless they are public standalone source exploits.

There are also many standalone sources which can escalate privileges to root through kernel exploits.

Anyway I'm starting to share too much of my BH knowledge, and I doubt you need to go any further than this in some CS class. Yes there are more intricate methods to run files as root whilst being user, but over and out.

̵̞̟̠̖̗̘̙̜̝̞̟̠̊̋̌̍̎̏̐̑̒̓̔̊̋̌̎̏̐̑̒̓̔̿̿̿̕̚̕̚Hni het He ͡҉҉̔̕̚̕̚҉brew  ̔̕̚̕̚҉Ge.͍̦͇͔̲͓͔̜ͯ͂̆̋́̕ ̡̯͈̺̣̮̙̒͒̀̆nes ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ ͡҉҉̔̕̚̕̚҉is nad -͟҉̷̨̱̠͔̭̼̮̩̪̳ͅͅ-̧̯̹̖̠̞̼̻̥̪͢͢͟ obok .̢͖̲͔̬͔͝,̷̻̲͍͢͠f Exodus, ew a ͡ ͡҉҉lso en ̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘cuno ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ # ̎̏̐̑ ̕̚̕̚ ̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇O ҉ ̵̡̢̢̛̛̛̖̗̘̙̜̝̞̟ ̠̖̗̘̙̜̝̞̟̠̊̋̌̍̎ ̏̐̑̒̓ ̌̍̎̏̐̑̒̓̔̊̋̌̕̚̕ ̍̎̏̐̑̒̓̔̿̿̿̕̚̕̚ ̵̞̟̠̖̗̘̙̜̝̞̟̠̊̋̌̍̎̏̐̑̒̓̔̊̋̌̎̏̐̑̒̓̔̿̿̿̕̚̕̚H ̓̔̿̿̿̕̚۩IT T ̔̕̚̕̚҉R ͡҉H} ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ ͡҉ -̷̡͖͖̫̩͎̙͙̖̖̕͟ͅ.̴̶̨̢̭̞̰̯̖̳͍͈̕-̶̨͔͕͓̯̭͕͢,̴̶̳̬͚͔̗̝̗̬-̱͇̬͖̝̩̘̣͓͈̮͜͞͡[0^{██████████_{█1████      nlim   ∑   1 = π2n→∞  k=1  k2  6████████}}█1█2████ ̵̞̟̠̖̗̘̙̜̝̞̟̠̊̋̌̍̎̏̐̑̒̓̔̊̋̌̎̏̐̑̒̓̔̿̿̿̕̚̕̚H3█^{██████████_{████5█████8████}}█13██ ̞̟̠͇̊̋̌̍̎̏̐̑̒̓̔ ̊̋̌̍̎̏̐̑̒̓̔̿̿̿̕ ̚̕̚͡ ͡҉ ҉̔̕̚̕̚҉ ~ ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ ͡ ҉҉ ̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘# ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚ ҉҉ ͡҉҉̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑L̓̔̿̿̿̕̚̕̚͡ ͡҉҉G̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ ͡҉҉^{█21███████████████34███ ̵̞̟̠̖̗̘̙̜̝̞̟̠̊̋̌̍̎̏̐̑̒̓̔̊̋̌̎̏̐̑̒̓̔̿̿̿̕̚̕̚H████5589 ҉̵̞̟̠̖̗̘Z̙̜̝̞̟̠ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌}144▒▒▒█▒^{██████233███_{███377███████████}}█▒610▒█ter a profou ̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ # ̎̏̐̑ ̕̚̕̚ ̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ ͡҉҉̔̕̚̕̚҉nd mathe ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍9 ͡҉8 ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡77O҉█tical Y.͠҉̶̖̳͍̠̜͖͓̰̯̩̙̬͇̼̣͉͇͚̥̀HVW ̺̻͓̱̤ͨ͊ͧ͒͊,̶̢̟̥͈͈͔͉̞͍͔̻̲͙̬̠̪̀͢ͅH fi ͡҉҉̔̕̚̕̚҉on ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡c  "O" ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇# ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚d̼̭̆̋ͭ́̅̏̇͘ ̵͍̜͔͙̗̼͚̫̒͊ͯ̇͌̃̈́͟͞t̞̯͓̲͕̗̹̤ͥ̋ͣ͌ ͖̐̌̑̉͑̉͟ ̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡ ͡҉ ҉̔̕̚̕̚҉Y ~ H G ҉҉ ̔̕̚̕̚҉ ҉̵̞̟̠̖̗̘W# O҉ ( ̵̞̟̠̖̗̘̙̜̝̞̟̠̊̋̌̍̎̏̐̑̒̓̔̊̋̌̎̏̐̑̒̓̔̿̿̿̕̚̕̚H ҉҉ ̔̕̚̕̚҉_{15972584█▒█e_e█XD^{███████4181█████████████████6765}█▒10946▒▒█17711█XD█ ̎̏̐̑̒̓̔̿̿̿̕̚̕̚͡█ ͖̐̌̑̉͑̉͟^{286594636875025121393}196418██▓▓██▒▒▒317811▒▒▓▓▓▓▓▓▒▓████▓██▓▓██▓514229832040}██_{134626921783093524578570288792274651493035224157817}3 ͡҉ ҉̔̕̚̕̚҉ 908 ҉̵̞̟̠̖̗̘̙̜̝̞̟̠͇̊̋̌̍̎̏̐̑̒̓̔̊̋̌̍8169█63.҉̵͏̶̧̣̘̹͔̗̞̼̼24598 ̎̏̐̑̒̓̔̿̿̿̕̚̕̚6██_{102334155165580141267914296433494437█70140873311349031701836311903}297-̝̰̮̤͓̘̱̖̩̥̖̦̫̲̹̹̦̞͜͠1215.̶̘͕̦̜̮̦͡͡-͖͕͚͍͚̪̺̀͟073