Unix 27

This exercise is one of our challenges to help you learn more about Unix/Linux

PRO
Tier
Easy
< 1 Hr.
13485
Unix Badge

Course


This challenge focuses on privilege escalation through misconfigurations of the `sudo` command. You will log in with the username `pentesterlab` and password `pentesterlab`, and explore how to run commands as another user, `victim`, using `sudo`. By leveraging `sudo -l`, you can see which commands you are authorized to run. The lab offers two primary ways to solve the challenge: reading a file containing a key directly or gaining a shell as the `victim` user to access the key.

For reading the file, you can specify the file's path directly on the command line or open it inside `vim` using the `:r [PATH]` command. To gain a shell as the user `victim`, you can start `vim` and type `:!/bin/bash` to run `/bin/bash`. Since `vim` runs as the `victim` user under `sudo`, the new shell will also run as `victim`, allowing you to access the key in their home directory. This lab provides a practical demonstration of how `sudo` misconfigurations can be exploited for privilege escalation.

Want to learn more? Get started with PentesterLab Pro! GO PRO