Unix 30

This lab focuses on privilege escalation by exploiting misconfigurations in the sudo command. You'll start by logging in with the provided credentials and using sudo -l to identify allowed commands. The challenge involves creating a setgid program that runs with elevated privileges, specifically those of the victim group. By writing a simple C program to read a restricted file and compiling it, you'll understand how setgid and setuid bits can be used to gain unauthorized access.

Through this exercise, you'll also learn about the importance of secure configurations and the potential risks associated with improperly set setuid and setgid bits. The lab demonstrates how a seemingly simple misconfiguration can lead to significant security vulnerabilities, emphasizing the need for careful management of permissions and user roles.