Unix 30

This exercise is one of our challenges to help you learn more about Unix/Linux

PRO
Tier
Medium
< 1 Hr.
13015
Unix Badge

Course


This lab focuses on privilege escalation by exploiting misconfigurations in the `sudo` command. You'll start by logging in with the provided credentials and using `sudo -l` to identify allowed commands. The challenge involves creating a `setgid` program that runs with elevated privileges, specifically those of the `victim` group. By writing a simple C program to read a restricted file and compiling it, you'll understand how `setgid` and `setuid` bits can be used to gain unauthorized access.

Through this exercise, you'll also learn about the importance of secure configurations and the potential risks associated with improperly set `setuid` and `setgid` bits. The lab demonstrates how a seemingly simple misconfiguration can lead to significant security vulnerabilities, emphasizing the need for careful management of permissions and user roles.

Want to learn more? Get started with PentesterLab Pro! GO PRO