Course

In this PentesterLab challenge, you will tackle a privilege escalation scenario involving the sudo command. You will start by logging in with the credentials provided and then explore how to exploit misconfigurations in sudo to gain higher privileges. The challenge involves using the sudo -l command to check your permissions and then running a Node.js script to execute commands as another user.

You will practice writing JavaScript code that leverages Node.js to read files and execute commands. This exercise aims to make you comfortable with JavaScript syntax for command execution, which is a crucial skill for more advanced challenges. By the end of this lab, you should be able to read the key.txt file in the victim's home directory, demonstrating your ability to escalate privileges effectively.