Unix 31

Bookmarked!

This exercise is one of our challenges to help you learn more about Unix/Linux

PRO
Tier
Medium
< 1 Hr.
13324
Unix Badge

In this challenge, you will use the username pentesterlab and the password pentesterlab to log in. The main objective is to perform privilege escalation based on sudo command misconfigurations. By using sudo -l, you can see the commands you are authorized to run. You will need to utilize perl -e '...' along with valid Perl code to either print the content of /home/victim/key.txt or spawn a shell running as the victim user.

The video provides an introduction to the challenge, explaining how sudo allows you to run commands as another user, typically root. Created in 1980 as part of Unix, sudo stands for "superuser do." Unlike su, sudo requires your current user password before granting additional privileges. For this specific challenge, you can run Perl as the victim user and use it to either read the restricted key.txt file or spawn a shell. The goal is to access the key in the file to complete the challenge successfully.

Want to learn more? Get started with PentesterLab Pro! GOPRO