privelege escalation
Frank Promise Edah
Posted on March 24, 2022
As part of your onboarding, you've been tasked with setting a server up so that bob is a superuser. Set bob up so no password is required when he uses the sudo command and he can run any command. In addition, set up adam to be able to run the journalctl command as root without being prompted for a password.
STEP 1__ Add bob to sudo files
In order to add bob to sudo files, we have to first make bob a root user by user the sudo -i command and then run the visudo command.
STEP 2
inside the editor, press i on the keyboard to insert the folllowing:
bob ALL= (ALL) NOPASSWD: ALL
adam ALL=(root) NOPASSWD: /bin/journalctl
To exit, press the _esc key which makes insert to disappear, thereafter enter __:wq: to quit and save.
To check if your changes works properly, try:
sudo -adam
Try to install php as this user, and you will notice it doesnt allow you to because adam is only set to run /bin/journalctl.
Posted on March 24, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.