Unix 30
This exercise is one of our challenges to help you learn more about Unix/Linux
Course
This lab focuses on privilege escalation by exploiting misconfigurations in the `sudo` command. You'll start by logging in with the provided credentials and using `sudo -l` to identify allowed commands. The challenge involves creating a `setgid` program that runs with elevated privileges, specifically those of the `victim` group. By writing a simple C program to read a restricted file and compiling it, you'll understand how `setgid` and `setuid` bits can be used to gain unauthorized access.
Through this exercise, you'll also learn about the importance of secure configurations and the potential risks associated with improperly set `setuid` and `setgid` bits. The lab demonstrates how a seemingly simple misconfiguration can lead to significant security vulnerabilities, emphasizing the need for careful management of permissions and user roles.