TryHackMe - Linux Privilege Escalation: Sudo
This article discusses the solution for TryHackMe's Linux Privilege Escalation Kernel Sudo tasks so proceed with caution.
I would suggest that you try to solve it on your own as you will learn a lot in the process of attempting. Try to give it your all until you feel that you are really hopelessly stuck.
Privilege Escalation SUDO Solution
A user may be given sudo privileges for specific applictions.
Can use these programs to execute sudo commands
Refer to GTFO BINS for reference.
Also check LD_PRELOAD exploit.
How many programs can the user "karen" run on the target system with sudo rights?
What is the content of the flag2.txt file?
The inside the nano editor execute the following:
^R^X reset; sh 1>&0 2>&0
We will have a terminal with root access within nano.
How would you use Nmap to spawn a root shell if your user had sudo rights on nmap?
- Again go to https://gtfobins.github.io/#+sudo, and lookup nmap.
Answer: sudo nmap --interactive
What is the hash of frank's password?
- Execute the following command and look for frank's password hash. (still using the terminal inside nano).
Until next time. Keep learning.
Stay stoked and code. :)
I hope you can voluntarily Buy Me A Coffee if you found this article useful and give additional support for me to continue sharing more content for the community. :)
Thank you very much. :)