Course

This lab focuses on privilege escalation using the `sudo` command, a utility that allows users to run commands as another user, often as the root user. You'll start by logging in with the credentials "pentesterlab". The main task is to identify and exploit misconfigurations in the `sudo` setup. You'll use the `sudo -l` command to list the commands you are authorized to run and then utilize Ruby to execute these commands with elevated privileges.

The challenge will help you become familiar with Ruby, a programming language you'll need in future challenges. By running Ruby's REPL (Read-Eval-Print Loop), you can execute system commands and perform tasks like reading files and starting shells. The goal is to access the file named `key.txt` in the home directory, which will confirm your successful privilege escalation.