Unix 27

This exercise is one of our challenges to help you learn more about Unix/Linux.

PRO Tier | Easy | < 1 Hr. | 13745 | Unix Badge

This challenge focuses on privilege escalation through misconfigurations of the sudo command. You will log in with the username pentesterlab and password pentesterlab, and explore how to run commands as another user, victim, using sudo. By leveraging sudo -l, you can see which commands you are authorized to run. The lab offers two primary ways to solve the challenge: reading a file containing a key directly or gaining a shell as the victim user to access the key.

For reading the file, you can specify the file's path directly on the command line or open it inside vim using the :r [PATH] command. To gain a shell as the user victim, you can start vim and type :!/bin/bash to run /bin/bash. Since vim runs as the victim user under sudo, the new shell will also run as victim, allowing you to access the key in their home directory. This lab provides a practical demonstration of how sudo misconfigurations can be exploited for privilege escalation.
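
Seen from the administrator's side, both routes described above come from one kind of sudoers rule: an editor or pager granted as another user. The following is an added example, not PentesterLab's code: a small Python audit that flags such rules in sudoers-style text. The sample rules, the user names other than pentesterlab and victim, and the program lists are constructed assumptions.

```python
import os
import re

# Assumption: short illustrative lists, not exhaustive.
SHELL_ESCAPE = {"vim", "vi", "view", "less", "more", "man", "ed", "awk", "find"}  # can spawn a subshell
FILE_READ = {"vim", "vi", "view", "less", "more", "ed", "nano"}  # can open any path once running

RULE = re.compile(r"^(?P<user>\S+)\s+(?P<host>[^\s=]+)\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*(?P<cmds>.+)$")
TAG = re.compile(r"^([A-Z_]+):\s*")

# Constructed sample, not the lab's real sudoers file.
SAMPLE = """\
Defaults env_reset
pentesterlab ALL=(victim) NOPASSWD: /usr/bin/vim
alice ALL=(victim) NOEXEC: /usr/bin/vim
bob ALL=(victim) sudoedit /home/victim/notes.txt
carol ALL=(root) /usr/bin/id
"""

def audit_sudoers(text):
    """Return (user, runas, command, risk) tuples for risky user rules."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # simplification: treat '#' as a comment start
        m = RULE.match(line)
        if not m or line.startswith("Defaults"):
            continue
        runas = (m.group("runas") or "root").strip()  # sudoers defaults to root
        noexec = False  # tags carry over to later commands in the same list
        for spec in m.group("cmds").split(","):
            spec = spec.strip()
            while (t := TAG.match(spec)):
                if t.group(1) in ("NOEXEC", "EXEC"):
                    noexec = t.group(1) == "NOEXEC"
                spec = spec[t.end():]
            parts = spec.split()
            if not parts or parts[0] == "sudoedit":
                continue  # sudoedit runs the editor as the invoking user
            prog = os.path.basename(parts[0])
            if prog in SHELL_ESCAPE and not noexec:
                findings.append((m.group("user"), runas, parts[0], "shell-escape"))
            if prog in FILE_READ:  # NOEXEC does not stop the program reading files
                findings.append((m.group("user"), runas, parts[0], "arbitrary-file-read"))
    return findings

if __name__ == "__main__":
    for finding in audit_sudoers(SAMPLE):
        print(finding)
```

NOEXEC blocks the :!/bin/bash route but not :r, which is why the alice rule is still flagged for file read. The sudoedit rule is not flagged because the editor there runs as the invoking user on a copy of the one named file.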
