Course

In this challenge, you will explore privilege escalation based on misconfigurations of the sudo command. The user pentesterlab can become the user victim and run the command /usr/bin/python. By utilizing the Python REPL, you can import necessary modules and execute commands to read files or create new shells.

The goal is to get familiar with Python and understand how to leverage it for running commands as another user. You will practice importing modules, executing system commands, and ultimately accessing the key file located in /home/victim/key.txt. This exercise will also prepare you for more advanced challenges that require code execution skills.