Unix 28
Bookmarked!This exercise is one of our challenges to help you learn more about Unix/Linux
In this lab, you will explore privilege escalation techniques by leveraging misconfigurations in the sudo
command. The sudo
command allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. By using sudo -l
, you can list the commands you're authorized to run. In this specific challenge, the user pentesterlab
is allowed to run the less
command as the user victim
.
There are two main methods to solve this challenge: you can either directly read the file containing the key by specifying its full path or by opening the file inside less
using :e [PATH]
. Alternatively, you can gain a shell as the victim
user by starting less
and then typing !/bin/bash
to execute /bin/bash
. Since less
runs as the victim
user due to sudo
, the new shell will also run as the victim
user. Once you obtain the shell, the key will be located in the home directory of the victim
user.