Escalation Basics SUID/SUDO
- Find SUID binaries
find / -perm -4000 2>/dev/null - Find what I can do SUDO
sudo -l
Bingo, there is an executable that we can do sudo without password!
(root) NOPASSWD: /usr/bin/python3.8 /opt/skytrain_inc/ticketValidator.py