Unix 31
Bookmarked!This exercise is one of our challenges to help you learn more about Unix/Linux
In this challenge, you will use the username pentesterlab
and the password pentesterlab
to log in. The main objective is to perform privilege escalation based on sudo
command misconfigurations. By using sudo -l
, you can see the commands you are authorized to run. You will need to utilize perl -e '...'
along with valid Perl code to either print the content of /home/victim/key.txt
or spawn a shell running as the victim
user.
The video provides an introduction to the challenge, explaining how sudo
allows you to run commands as another user, typically root. Created in 1980 as part of Unix, sudo
stands for "superuser do." Unlike su
, sudo
requires your current user password before granting additional privileges. For this specific challenge, you can run Perl as the victim
user and use it to either read the restricted key.txt
file or spawn a shell. The goal is to access the key in the file to complete the challenge successfully.