Unix 26

This exercise is one of our challenges to help you learn more about Unix/Linux

PRO
Tier
Easy
< 1 Hr.
13548
Unix Badge

Course


In this challenge, you will practice privilege escalation techniques by exploiting misconfigurations in the `sudo` command. You will be working with the `find` command and its `-exec` option, which allows you to execute commands on matched files. By running `sudo -l`, you can see that you are authorized to run `/usr/bin/find` as the victim user.

Using your knowledge from previous exercises, you can leverage the `-exec` option to either start a shell as the victim user or directly read the contents of the `key.txt` file located in the victim's home directory. This exercise demonstrates how improper configurations can be exploited to gain elevated privileges on a system.

Want to learn more? Get started with PentesterLab Pro! GO PRO