Unix 29

This exercise is one of our challenges to help you learn more about Unix/Linux

PRO
Tier
Easy
< 1 Hr.
13399
Unix Badge

Course


This challenge focuses on privilege escalation by exploiting misconfigurations in the `sudo` command. You'll log in with the credentials "pentesterlab" and use `sudo -l` to list authorized commands. The goal is to either read a file containing a key or gain a shell as the user "victim."

To read the file, you can specify the file's path directly on the command line using `awk '{print $0}' /home/victim/key.txt`. Alternatively, to gain a shell as the user "victim," you can use `awk '{system("/bin/bash")}'`. Understanding how to manipulate `sudo` configurations can be crucial for ethical hacking and system auditing.

Want to learn more? Get started with PentesterLab Pro! GO PRO