PERMISSIONS

Link: Permissions

• SSH into the machine with the credentials provided. Our aim here is to read a root file which contains the flag. You have logged in as a user with no root privileges hence when you try to go to the root directory, you get the message;

• Let’s find out if this user can run any sudo commands. You can accomplish this using the command sudo -l.

• You can see that the user can run vi with root privileges. You can use GTFOBins to find the means to escalate privileges if you can run vi with sudo permissions.

• Copy and paste this command on your terminal and run it to get a root shell as shown below.

• Now read the contents of the root file that has the flag. This file is hidden.